CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
97.2%
Florian Weimer discovered that RPM incorrectly handled temporary files. A
local attacker could use this issue to execute arbitrary code.
(CVE-2013-6435)
Florian Weimer discovered that RPM incorrectly handled certain CPIO
headers. If a user or automated system were tricked into installing a
malicious package file, a remote attacker could use this issue to cause RPM
to crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2014-8118)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 14.10 | noarch | rpm | < 4.11.2-3ubuntu0.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | debugedit | < 4.11.2-3ubuntu0.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | librpm-dbg | < 4.11.2-3ubuntu0.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | librpm-dev | < 4.11.2-3ubuntu0.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | librpm3 | < 4.11.2-3ubuntu0.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | librpmbuild3 | < 4.11.2-3ubuntu0.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | librpmio3 | < 4.11.2-3ubuntu0.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | librpmsign1 | < 4.11.2-3ubuntu0.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | python-rpm | < 4.11.2-3ubuntu0.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | rpm-common | < 4.11.2-3ubuntu0.1 | UNKNOWN |