
CVE-2006-5466

Published: 06/11/2006 Updated: 08/03/2011
CVSS v2 Base Score: 5.4 | Impact Score: 6.9 | Exploitability Score: 4.9
VMScore: 481
Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C

Vulnerability Summary

Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted malicious users to execute arbitrary code via crafted RPM packages.

Vulnerable Product

rpm package manager 4.4.8

ubuntu ubuntu linux 6.06 lts

ubuntu ubuntu linux 6.10

Vendor Advisories

An error was found in the RPM library’s handling of query reports. In some locales, certain RPM packages would cause the library to crash. If a user was tricked into querying a specially crafted RPM package, the flaw could be exploited to execute arbitrary code with the user’s privileges ...

Debian Bug report logs - #397076
rpm: CVE-2006-5466
Package: rpm; Maintainer for rpm is RPM packaging team <team+pkg-rpm@tracker.debian.org>; Source for rpm is src:rpm (PTS, buildd, popcon)
Reported by: Adrian Bunk <bunk@stusta.de>
Date: Sun, 5 Nov 2006 00:18:13 UTC
Severity: grave
Tags: security
Found in version ...