ID CVE-2012-0815
Summary The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison.
References
Vulnerable Configurations
  • cpe:2.3:a:rpm:rpm:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:1.4.2\/a:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:1.4.2\/a:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:1.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:1.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:1.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:1.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:1.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:1.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:1.4.6:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:1.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:1.4.7:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:1.4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2.3.10:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2.3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2.3.11:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2.3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.3:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.3.9:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.4.6:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.4.8:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.4.8:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.4.9:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.4.9:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.4.11:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.4.11:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.4.12:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.4.12:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.5:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.5.6:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:2.6.7:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:2.6.7:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:3.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:3.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:3.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:3.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:3.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:3.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:3.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.0.:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.0.:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.5.90:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.5.90:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.6.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.6.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.6.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.6.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.6.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.6.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.6.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.6.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.9.0:alpha:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.9.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.9.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.9.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.9.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.9.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.9.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.9.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.2.1:-:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.2.1:-:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.2.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.2.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.2.1:rc2:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.2.1:rc2:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.2.1:rc3:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.2.1:rc3:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.2.2:-:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.2.2:-:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.2.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.2.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.2.2:rc2:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.2.2:rc2:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.2.3:-:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.2.3:-:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.4.2.3:rc1:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.4.2.3:rc1:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.6.0:-:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.6.0:-:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.7.0:-:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.7.0:-:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.7.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.7.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.7.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.7.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.8.0:-:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.8.0:-:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.8.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.8.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.9.0:-:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.9.0:-:*:*:*:*:*:*
  • cpe:2.3:a:rpm:rpm:4.9.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:rpm:rpm:4.9.1.2:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 18-01-2018 - 02:29)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 798585
    title CVE-2012-0061 rpm: improper validation of header contents total size in headerLoad()
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment rpm is earlier than 0:4.8.0-19.el6_2.1
            oval oval:com.redhat.rhsa:tst:20120451001
          • comment rpm is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111349030
        • AND
          • comment rpm-apidocs is earlier than 0:4.8.0-19.el6_2.1
            oval oval:com.redhat.rhsa:tst:20120451003
          • comment rpm-apidocs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111349032
        • AND
          • comment rpm-build is earlier than 0:4.8.0-19.el6_2.1
            oval oval:com.redhat.rhsa:tst:20120451005
          • comment rpm-build is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111349034
        • AND
          • comment rpm-cron is earlier than 0:4.8.0-19.el6_2.1
            oval oval:com.redhat.rhsa:tst:20120451007
          • comment rpm-cron is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111349036
        • AND
          • comment rpm-devel is earlier than 0:4.8.0-19.el6_2.1
            oval oval:com.redhat.rhsa:tst:20120451009
          • comment rpm-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111349038
        • AND
          • comment rpm-libs is earlier than 0:4.8.0-19.el6_2.1
            oval oval:com.redhat.rhsa:tst:20120451011
          • comment rpm-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111349040
        • AND
          • comment rpm-python is earlier than 0:4.8.0-19.el6_2.1
            oval oval:com.redhat.rhsa:tst:20120451013
          • comment rpm-python is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111349042
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • comment popt is earlier than 0:1.10.2.3-28.el5_8
            oval oval:com.redhat.rhsa:tst:20120451016
          • comment popt is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100679002
        • AND
          • comment rpm is earlier than 0:4.4.2.3-28.el5_8
            oval oval:com.redhat.rhsa:tst:20120451018
          • comment rpm is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100679004
        • AND
          • comment rpm-apidocs is earlier than 0:4.4.2.3-28.el5_8
            oval oval:com.redhat.rhsa:tst:20120451020
          • comment rpm-apidocs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100679006
        • AND
          • comment rpm-build is earlier than 0:4.4.2.3-28.el5_8
            oval oval:com.redhat.rhsa:tst:20120451022
          • comment rpm-build is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100679008
        • AND
          • comment rpm-devel is earlier than 0:4.4.2.3-28.el5_8
            oval oval:com.redhat.rhsa:tst:20120451024
          • comment rpm-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100679010
        • AND
          • comment rpm-libs is earlier than 0:4.4.2.3-28.el5_8
            oval oval:com.redhat.rhsa:tst:20120451026
          • comment rpm-libs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100679012
        • AND
          • comment rpm-python is earlier than 0:4.4.2.3-28.el5_8
            oval oval:com.redhat.rhsa:tst:20120451028
          • comment rpm-python is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100679014
    rhsa
    id RHSA-2012:0451
    released 2012-04-03
    severity Important
    title RHSA-2012:0451: rpm security update (Important)
  • rhsa
    id RHSA-2012:0531
rpms
  • popt-0:1.10.2.3-22.el5_6.3
  • popt-0:1.10.2.3-28.el5_8
  • popt-0:1.10.2.3-9.el5_3.3
  • popt-0:1.8.2-36_nonptl
  • popt-0:1.9.1-36_nonptl.el4
  • rpm-0:4.2.3-36_nonptl
  • rpm-0:4.3.3-36_nonptl.el4
  • rpm-0:4.4.2.3-22.el5_6.3
  • rpm-0:4.4.2.3-28.el5_8
  • rpm-0:4.4.2.3-9.el5_3.3
  • rpm-0:4.8.0-12.el6_0.2
  • rpm-0:4.8.0-16.el6_1.2
  • rpm-0:4.8.0-19.el6_2.1
  • rpm-apidocs-0:4.4.2.3-22.el5_6.3
  • rpm-apidocs-0:4.4.2.3-28.el5_8
  • rpm-apidocs-0:4.4.2.3-9.el5_3.3
  • rpm-apidocs-0:4.8.0-12.el6_0.2
  • rpm-apidocs-0:4.8.0-16.el6_1.2
  • rpm-apidocs-0:4.8.0-19.el6_2.1
  • rpm-build-0:4.2.3-36_nonptl
  • rpm-build-0:4.3.3-36_nonptl.el4
  • rpm-build-0:4.4.2.3-22.el5_6.3
  • rpm-build-0:4.4.2.3-28.el5_8
  • rpm-build-0:4.4.2.3-9.el5_3.3
  • rpm-build-0:4.8.0-12.el6_0.2
  • rpm-build-0:4.8.0-16.el6_1.2
  • rpm-build-0:4.8.0-19.el6_2.1
  • rpm-cron-0:4.8.0-12.el6_0.2
  • rpm-cron-0:4.8.0-16.el6_1.2
  • rpm-cron-0:4.8.0-19.el6_2.1
  • rpm-debuginfo-0:4.2.3-36_nonptl
  • rpm-debuginfo-0:4.3.3-36_nonptl.el4
  • rpm-debuginfo-0:4.4.2.3-22.el5_6.3
  • rpm-debuginfo-0:4.4.2.3-28.el5_8
  • rpm-debuginfo-0:4.4.2.3-9.el5_3.3
  • rpm-debuginfo-0:4.8.0-12.el6_0.2
  • rpm-debuginfo-0:4.8.0-16.el6_1.2
  • rpm-debuginfo-0:4.8.0-19.el6_2.1
  • rpm-devel-0:4.2.3-36_nonptl
  • rpm-devel-0:4.3.3-36_nonptl.el4
  • rpm-devel-0:4.4.2.3-22.el5_6.3
  • rpm-devel-0:4.4.2.3-28.el5_8
  • rpm-devel-0:4.4.2.3-9.el5_3.3
  • rpm-devel-0:4.8.0-12.el6_0.2
  • rpm-devel-0:4.8.0-16.el6_1.2
  • rpm-devel-0:4.8.0-19.el6_2.1
  • rpm-libs-0:4.2.3-36_nonptl
  • rpm-libs-0:4.3.3-36_nonptl.el4
  • rpm-libs-0:4.4.2.3-22.el5_6.3
  • rpm-libs-0:4.4.2.3-28.el5_8
  • rpm-libs-0:4.4.2.3-9.el5_3.3
  • rpm-libs-0:4.8.0-12.el6_0.2
  • rpm-libs-0:4.8.0-16.el6_1.2
  • rpm-libs-0:4.8.0-19.el6_2.1
  • rpm-python-0:4.2.3-36_nonptl
  • rpm-python-0:4.3.3-36_nonptl.el4
  • rpm-python-0:4.4.2.3-22.el5_6.3
  • rpm-python-0:4.4.2.3-28.el5_8
  • rpm-python-0:4.4.2.3-9.el5_3.3
  • rpm-python-0:4.8.0-12.el6_0.2
  • rpm-python-0:4.8.0-16.el6_1.2
  • rpm-python-0:4.8.0-19.el6_2.1
refmap via4
bid 52865
confirm
fedora
  • FEDORA-2012-5298
  • FEDORA-2012-5420
  • FEDORA-2012-5421
mandriva MDVSA-2012:056
misc https://bugzilla.redhat.com/show_bug.cgi?id=744104
osvdb 81009
sectrack 1026882
secunia
  • 48651
  • 48716
  • 49110
suse
  • openSUSE-SU-2012:0588
  • openSUSE-SU-2012:0589
ubuntu USN-1695-1
xf rpm-headerverifyinfo-code-execution(74581)
Last major update 18-01-2018 - 02:29
Published 04-06-2012 - 20:55
Last modified 18-01-2018 - 02:29
Back to Top