CVE-2012-0815

Published: 04/06/2012 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

The headerVerifyInfo function in lib/header.c in RPM prior to 4.9.1.3 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison.

Vulnerable Product

rpm rpm 2.3.5

rpm rpm 4.4.2.1

rpm rpm 1.4.3

rpm rpm 3.0.1

rpm rpm 4.1

rpm rpm 2.2.3.11

rpm rpm 4.8.0

rpm rpm 2.4.4

rpm rpm 2.3.8

rpm rpm 2.0.6

rpm rpm 1.4.4

rpm rpm 1.4.2/a

rpm rpm 2.4.1

rpm rpm 2.4.9

rpm rpm 2.6.7

rpm rpm

rpm rpm 1.4

rpm rpm 2.0.10

rpm rpm 2.4.5

rpm rpm 4.9.0

rpm rpm 4.0.1

rpm rpm 2.2.11

rpm rpm 4.0.4

rpm rpm 2.2.1

rpm rpm 2.0.1

rpm rpm 1.4.2

rpm rpm 3.0.3

rpm rpm 2.0.7

rpm rpm 4.0.2

rpm rpm 2.2.8

rpm rpm 3.0.2

rpm rpm 4.6.0

rpm rpm 1.2

rpm rpm 4.0.

rpm rpm 2.1.1

rpm rpm 4.3.3

rpm rpm 2.5.5

rpm rpm 2.0.8

rpm rpm 4.8.1

rpm rpm 2.3

rpm rpm 4.4.2.2

rpm rpm 2.4.8

rpm rpm 3.0.4

rpm rpm 2.5.6

rpm rpm 2.0

rpm rpm 2.0.2

rpm rpm 2.3.2

rpm rpm 2.4.3

rpm rpm 2.4.2

rpm rpm 1.4.5

rpm rpm 2.0.11

rpm rpm 3.0.5

rpm rpm 1.3

rpm rpm 4.7.2

rpm rpm 4.9.1

rpm rpm 2.2.3

rpm rpm 2.2

rpm rpm 2.1.2

rpm rpm 2.3.9

rpm rpm 2.2.4

rpm rpm 2.2.9

rpm rpm 2.5.3

rpm rpm 2.2.6

rpm rpm 4.7.0

rpm rpm 2.3.6

rpm rpm 2.5

rpm rpm 2.2.3.10

rpm rpm 4.9.1.1

rpm rpm 2.0.5

rpm rpm 1.4.1

rpm rpm 4.4.2.3

rpm rpm 2.4.12

rpm rpm 2.5.4

rpm rpm 4.6.1

rpm rpm 1.4.7

rpm rpm 3.0

rpm rpm 1.4.6

rpm rpm 2.5.2

rpm rpm 2.4.11

rpm rpm 2.0.9

rpm rpm 2.1

rpm rpm 2.2.10

rpm rpm 2.3.3

rpm rpm 2.3.7

rpm rpm 2.3.4

rpm rpm 4.7.1

rpm rpm 2.0.4

rpm rpm 1.3.1

rpm rpm 3.0.6

rpm rpm 2.0.3

rpm rpm 2.3.1

rpm rpm 4.0.3

rpm rpm 2.4.6

rpm rpm 4.5.90

rpm rpm 2.5.1

rpm rpm 2.2.5

rpm rpm 2.2.2

rpm rpm 2.2.7

Vendor Advisories

Synopsis: Important: rpm security update. Type/Severity: Security Advisory: Important. Topic: Updated rpm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6; Red Hat Enterprise Linux 3 and 4 Extended Life Cycle Support; Red Hat Enterprise Linux 5.3 Long Life; and Red H ...
Debian Bug report logs - #667031 Multiple security issues. Package: rpm; Maintainer for rpm is RPM packaging team <team+pkg-rpm@tracker.debian.org>; Source for rpm is src:rpm (PTS, buildd, popcon). Reported by: Moritz Muehlenhoff <muehlenhoff@univention.de>. Date: Tue, 3 Apr 2012 14:30:01 UTC. Severity: grave. Tags: sec ...
RPM could be made to crash or run programs if it opened a specially crafted package file ...