CVE-2012-0060 (GCVE-0-2012-0060)
Vulnerability from cvelistv5
Published
2012-06-04 20:00
Modified
2024-08-06 18:09
Severity ?
Summary
RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function.
References
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2012-0451.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2012-0531.html
secalert@redhat.comhttp://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=e4eab2bc6d07cfd33f740071de7ddbb2fe2f4190
secalert@redhat.comhttp://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=f23998251992b8ae25faf5113c42fee2c49c7f29
secalert@redhat.comhttp://rpm.org/wiki/Releases/4.9.1.3
secalert@redhat.comhttp://secunia.com/advisories/48651Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/48716Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/49110Vendor Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2012:056
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
secalert@redhat.comhttp://www.osvdb.org/81010
secalert@redhat.comhttp://www.securityfocus.com/bid/52865
secalert@redhat.comhttp://www.securitytracker.com/id?1026882
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-1695-1
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=744858
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/74582
secalert@redhat.comhttps://hermes.opensuse.org/messages/14440932
secalert@redhat.comhttps://hermes.opensuse.org/messages/14441362
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2012-0451.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2012-0531.html
af854a3a-2127-422b-91ae-364da2661108http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=e4eab2bc6d07cfd33f740071de7ddbb2fe2f4190
af854a3a-2127-422b-91ae-364da2661108http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=f23998251992b8ae25faf5113c42fee2c49c7f29
af854a3a-2127-422b-91ae-364da2661108http://rpm.org/wiki/Releases/4.9.1.3
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/48651Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/48716Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/49110Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2012:056
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/81010
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/52865
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1026882
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1695-1
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=744858
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/74582
af854a3a-2127-422b-91ae-364da2661108https://hermes.opensuse.org/messages/14440932
af854a3a-2127-422b-91ae-364da2661108https://hermes.opensuse.org/messages/14441362
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T18:09:17.306Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
               },
               {
                  name: "RHSA-2012:0531",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2012-0531.html",
               },
               {
                  name: "MDVSA-2012:056",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:056",
               },
               {
                  name: "1026882",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id?1026882",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://rpm.org/wiki/Releases/4.9.1.3",
               },
               {
                  name: "48716",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/48716",
               },
               {
                  name: "81010",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://www.osvdb.org/81010",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=744858",
               },
               {
                  name: "48651",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/48651",
               },
               {
                  name: "RHSA-2012:0451",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2012-0451.html",
               },
               {
                  name: "FEDORA-2012-5421",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=e4eab2bc6d07cfd33f740071de7ddbb2fe2f4190",
               },
               {
                  name: "52865",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/52865",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=f23998251992b8ae25faf5113c42fee2c49c7f29",
               },
               {
                  name: "USN-1695-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-1695-1",
               },
               {
                  name: "openSUSE-SU-2012:0588",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "https://hermes.opensuse.org/messages/14440932",
               },
               {
                  name: "49110",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/49110",
               },
               {
                  name: "rpm-loadsigverify-code-execution(74582)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/74582",
               },
               {
                  name: "FEDORA-2012-5420",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html",
               },
               {
                  name: "FEDORA-2012-5298",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html",
               },
               {
                  name: "openSUSE-SU-2012:0589",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "https://hermes.opensuse.org/messages/14441362",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2012-03-04T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-17T19:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
            },
            {
               name: "RHSA-2012:0531",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2012-0531.html",
            },
            {
               name: "MDVSA-2012:056",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:056",
            },
            {
               name: "1026882",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id?1026882",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://rpm.org/wiki/Releases/4.9.1.3",
            },
            {
               name: "48716",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/48716",
            },
            {
               name: "81010",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://www.osvdb.org/81010",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=744858",
            },
            {
               name: "48651",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/48651",
            },
            {
               name: "RHSA-2012:0451",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2012-0451.html",
            },
            {
               name: "FEDORA-2012-5421",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=e4eab2bc6d07cfd33f740071de7ddbb2fe2f4190",
            },
            {
               name: "52865",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/52865",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=f23998251992b8ae25faf5113c42fee2c49c7f29",
            },
            {
               name: "USN-1695-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-1695-1",
            },
            {
               name: "openSUSE-SU-2012:0588",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "https://hermes.opensuse.org/messages/14440932",
            },
            {
               name: "49110",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/49110",
            },
            {
               name: "rpm-loadsigverify-code-execution(74582)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/74582",
            },
            {
               name: "FEDORA-2012-5420",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html",
            },
            {
               name: "FEDORA-2012-5298",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html",
            },
            {
               name: "openSUSE-SU-2012:0589",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "https://hermes.opensuse.org/messages/14441362",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secalert@redhat.com",
               ID: "CVE-2012-0060",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
                  },
                  {
                     name: "RHSA-2012:0531",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2012-0531.html",
                  },
                  {
                     name: "MDVSA-2012:056",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:056",
                  },
                  {
                     name: "1026882",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id?1026882",
                  },
                  {
                     name: "http://rpm.org/wiki/Releases/4.9.1.3",
                     refsource: "CONFIRM",
                     url: "http://rpm.org/wiki/Releases/4.9.1.3",
                  },
                  {
                     name: "48716",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/48716",
                  },
                  {
                     name: "81010",
                     refsource: "OSVDB",
                     url: "http://www.osvdb.org/81010",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=744858",
                     refsource: "MISC",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=744858",
                  },
                  {
                     name: "48651",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/48651",
                  },
                  {
                     name: "RHSA-2012:0451",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2012-0451.html",
                  },
                  {
                     name: "FEDORA-2012-5421",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html",
                  },
                  {
                     name: "http://rpm.org/gitweb?p=rpm.git;a=commitdiff;h=e4eab2bc6d07cfd33f740071de7ddbb2fe2f4190",
                     refsource: "CONFIRM",
                     url: "http://rpm.org/gitweb?p=rpm.git;a=commitdiff;h=e4eab2bc6d07cfd33f740071de7ddbb2fe2f4190",
                  },
                  {
                     name: "52865",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/52865",
                  },
                  {
                     name: "http://rpm.org/gitweb?p=rpm.git;a=commitdiff;h=f23998251992b8ae25faf5113c42fee2c49c7f29",
                     refsource: "CONFIRM",
                     url: "http://rpm.org/gitweb?p=rpm.git;a=commitdiff;h=f23998251992b8ae25faf5113c42fee2c49c7f29",
                  },
                  {
                     name: "USN-1695-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-1695-1",
                  },
                  {
                     name: "openSUSE-SU-2012:0588",
                     refsource: "SUSE",
                     url: "https://hermes.opensuse.org/messages/14440932",
                  },
                  {
                     name: "49110",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/49110",
                  },
                  {
                     name: "rpm-loadsigverify-code-execution(74582)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/74582",
                  },
                  {
                     name: "FEDORA-2012-5420",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html",
                  },
                  {
                     name: "FEDORA-2012-5298",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html",
                  },
                  {
                     name: "openSUSE-SU-2012:0589",
                     refsource: "SUSE",
                     url: "https://hermes.opensuse.org/messages/14441362",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2012-0060",
      datePublished: "2012-06-04T20:00:00",
      dateReserved: "2011-12-07T00:00:00",
      dateUpdated: "2024-08-06T18:09:17.306Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.9.1.2\", \"matchCriteriaId\": \"1EB1B63A-0D09-429B-AEAA-AA0F33E0954A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76112E07-F476-41E5-9FF8-E85C28019BD5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E064D1B0-093D-4C62-89A0-481D261F9AE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:1.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D05B2BC3-41EB-4839-B3DC-AF8B567D0318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55B95097-EEA2-42A1-AA30-4AC519E67B1F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:1.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"985E051C-677E-4DCD-9181-F5F33342FE8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:1.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"267ACF41-E8E2-4F9E-983A-E526DACFCE82\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:1.4.2\\\\/a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6429C42B-EBD6-4D93-AABB-AD268ADB72AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:1.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1372FF29-498C-41CB-AB2E-25CEC92866AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:1.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EFE8428-E00F-4E5F-8787-F63FEE93E617\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:1.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE4E9CC7-1BD8-490B-9C9B-E4A76EFAD13D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:1.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFAB0B1A-A9E5-4808-85EC-0BD2A3F753AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:1.4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3D1E892-05D5-4C79-AD12-7B7C0421E509\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CA6696D-D6CC-4C23-AB8F-91474BFC341E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B16D91A5-35F5-44F3-A515-8E4F27B563D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08974D05-C00C-438C-A76F-E17C191D0CE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81771BF8-0788-44B5-8694-AFF436FDECD0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93BF53E9-CC37-4E31-9F34-2B569947887F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2D79478-665E-4D18-AAA6-BA51C41A4C74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A59FF59-BD73-4C13-AC51-98126ED46573\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"99C83F0D-159B-4CFB-92C6-83D36225080A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B7A4BC0-43DF-4542-A54F-BF8B07F30B12\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B926B035-659A-4F86-B680-CD1A6163F2D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A98BC57C-69AD-40F6-885B-3A560F69809F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71499D02-8989-4AA0-80FB-28860F103EB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B424D987-8421-4FE5-B9F7-0D4AB7AC921B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F58F12D-301C-4C4D-8F78-0B6A7B220B0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19A30CF4-508D-407B-A097-30331AF9D452\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E49FB5B-5BFA-4736-8F2C-C07188D0BC00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"883AE5CC-379E-41A7-A8B5-12671015F131\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B8D8FEA-89A2-4133-89D7-FD403D605E4E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FBDA2319-4C36-44A5-A1F2-E0F1EFC1DE23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2.3.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E11322F8-93B7-457C-8993-B0A8D3274468\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2.3.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADD35E28-313C-4CF7-AEC0-1C91316FF5B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B591779-643B-4E2E-9270-40748EDA1BA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB3C91C9-CFDC-4C51-B6AF-51F1560161A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F9D67C30-F0CA-410B-8C3A-EA5536BC256E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80DB9D55-9BC2-416C-9A2A-021F4EC0E884\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B48E845-573C-4F07-8D69-F1A54CCEEDE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9642BA0F-CBBD-4FB5-8A20-BBCAD7EC31CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45C9FE2D-197A-45EB-BE40-B746B13F2C02\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.2.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E07E462F-2163-430B-9315-75BFD00113C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F650FC0-1DF8-4432-92F5-4B4DCEFC2D39\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"347BC012-5307-4B0F-A013-624ED455ABD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5ED89DCC-0EFF-4665-BDE0-406155A46BDE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EEB6C44-B615-46F8-A5DC-BEF25D932314\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"979D846B-9DD9-474A-A8BE-25334D2969B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDF5DE17-2061-4896-B7DA-CFDEF46E9652\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.3.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB528B71-8BF5-4D93-A1BC-DF0502AEA58F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.3.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0585DC0B-DFBB-466E-9D3D-86E19A4B88A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.3.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"041B087D-4FBC-4EDC-AAC0-DF8A1D39980A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.3.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE4FB33B-5015-4620-BD21-3F0C916069EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"684E9118-30B2-476C-816E-CA4B2916017B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AF46B23-559C-4DF0-8510-C79F17ABF22B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD40A202-557B-495C-BBE5-DEC9FF97EE56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F3DB711-AE17-4B3B-9D45-C38CBDF418A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF2E6A8E-4C9B-46A1-B786-6C0B3A3395F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D049089-7FBD-41A6-8A5B-8497DA24C720\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.4.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20DEBEDF-3E64-4417-BC41-7F0E20C522F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.4.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CF99B53-237E-468B-8B7F-A105FE40803B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.4.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5D5F196-4BA9-43EB-BE38-EE405C8CC0FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.4.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66C4022C-F1D4-4A58-8341-E22EAF943511\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5503DC6-40DB-4A84-984E-BDEED82F224A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90148D48-5DA5-46F9-AE96-618C427A5DA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"733E1435-CE73-4A39-97EB-304D2F45A838\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA80DA6E-CCE3-4CAF-B2A1-E6FF2B702D3C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D08FD930-F2BC-47BC-86BC-07545D1431B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97DE028F-D0BE-435C-826D-CCBFFEBF3B31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.5.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E08EB15D-1842-41F4-9F19-FF6571055242\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:2.6.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43CF2BBF-83AA-451E-8E30-E040EFCF6F64\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"409B29B1-E2E0-4CBD-83D0-F4CE67820F5C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:3.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D325D4A-166A-4174-BEA8-1C6D47A8DDBB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:3.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6AEBBD1-2320-42A3-8DCA-46DF61007349\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:3.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E54C09F8-F0F5-4BDF-868F-0B6A4609B3E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:3.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"132C1B54-0438-4239-B599-8160D494EE26\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:3.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E5CCEAC-3D92-46DB-AC88-859ED5A5E277\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:3.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED68CE6A-2BF5-49F2-AEAE-199AAC94807B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.0.:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C589CD4-5A9E-41E1-BBFA-AF4BE2DD31E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49E406BD-8CC3-4929-ABB2-F820F8C83823\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8685704C-C43D-4315-A541-4E04B7B08B69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39C1D452-A003-4DB1-A8CF-0F7FBB9A5811\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4F8C79E-416F-4C88-B102-3BB60E969FAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F47849F-4466-4500-802C-260970D6A764\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C190DE39-ABEF-4DA1-A909-B9E98BD5A468\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77BB52FC-E320-47CD-A180-C22371D7AFEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.4.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"01A746D6-4C15-49BD-B17C-2CA06FFA76D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.4.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8664CDC-6A09-45F0-B5CD-BE5688FDBB1F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.5.90:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6897D7B8-F2A3-4A18-83AF-5473E971DCDA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FEBBBEE-CE1D-4F4B-B0F7-428814B791BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.6.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0E27D80-E3C5-42A2-8794-56BA0D28EFB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.6.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2043930-ECC5-40C6-907E-C5AF2D3EE51D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.6.0:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"25706042-3E57-45D2-9917-5DDD818205FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.6.0:rc4:*:*:*:*:*:*\", \"matchCriteriaId\": \"85B0DA93-4048-4F25-8D69-76F149D411BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"055D95AA-3797-437E-88FD-764D807B5E2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7164A1F5-EE8E-46C6-8E9E-D267CF5936ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62495EC6-B5DB-4AB2-840C-98AC4CE34990\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A87B2FBC-567D-4A1F-AA9C-5DA68C1AA4FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FCD5EE9-2D1F-4042-B53A-C5BA24265709\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3BE5D6F9-304C-4A3F-AD8E-CD7F01F8AD97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63210F22-8DC0-4B0F-BAC3-962E319D36BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.9.0:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"65B5D793-77FC-4333-888A-57A913EA5BF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.9.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C2A6ADF-F539-4257-AE05-7316231106C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.9.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AF5D1C5-DDFC-4218-B3E2-0C34768DAC33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97928439-BB18-4F36-928C-D5FB6F08AC59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rpm:rpm:4.9.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B190E4B8-794A-4B6E-B3E5-83ABDD381315\"}]}]}]",
         descriptions: "[{\"lang\": \"en\", \"value\": \"RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function.\"}, {\"lang\": \"es\", \"value\": \"RPM en versiones anteriores a la 4.9.1.3 no valida apropiadamente las etiquetas \\\"region\\\", lo que permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (ca\\u00edda) y posiblemente ejecutar c\\u00f3digo arbitrario a trav\\u00e9s de una etiqueta \\\"region\\\" inv\\u00e1lida en una cabecera de paquete de la funci\\u00f3n (1) headerLoad, (2) rpmReadSignature o (3) headerVerify.\"}]",
         id: "CVE-2012-0060",
         lastModified: "2024-11-21T01:34:18.700",
         metrics: "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
         published: "2012-06-04T20:55:01.743",
         references: "[{\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-0451.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-0531.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=e4eab2bc6d07cfd33f740071de7ddbb2fe2f4190\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=f23998251992b8ae25faf5113c42fee2c49c7f29\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rpm.org/wiki/Releases/4.9.1.3\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/48651\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/48716\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/49110\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2012:056\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.osvdb.org/81010\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/52865\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securitytracker.com/id?1026882\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-1695-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=744858\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/74582\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://hermes.opensuse.org/messages/14440932\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://hermes.opensuse.org/messages/14441362\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-0451.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-0531.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=e4eab2bc6d07cfd33f740071de7ddbb2fe2f4190\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=f23998251992b8ae25faf5113c42fee2c49c7f29\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rpm.org/wiki/Releases/4.9.1.3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/48651\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/48716\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/49110\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2012:056\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/81010\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/52865\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1026882\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-1695-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=744858\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/74582\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://hermes.opensuse.org/messages/14440932\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://hermes.opensuse.org/messages/14441362\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
         sourceIdentifier: "secalert@redhat.com",
         vulnStatus: "Modified",
         weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2012-0060\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2012-06-04T20:55:01.743\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function.\"},{\"lang\":\"es\",\"value\":\"RPM en versiones anteriores a la 4.9.1.3 no valida apropiadamente las etiquetas \\\"region\\\", lo que permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de una etiqueta \\\"region\\\" inválida en una cabecera de paquete de la función (1) headerLoad, (2) rpmReadSignature o (3) headerVerify.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.9.1.2\",\"matchCriteriaId\":\"1EB1B63A-0D09-429B-AEAA-AA0F33E0954A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76112E07-F476-41E5-9FF8-E85C28019BD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E064D1B0-093D-4C62-89A0-481D261F9AE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:1.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D05B2BC3-41EB-4839-B3DC-AF8B567D0318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55B95097-EEA2-42A1-AA30-4AC519E67B1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:1.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"985E051C-677E-4DCD-9181-F5F33342FE8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"267ACF41-E8E2-4F9E-983A-E526DACFCE82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:1.4.2\\\\/a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6429C42B-EBD6-4D93-AABB-AD268ADB72AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:1.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1372FF29-498C-41CB-AB2E-25CEC92866AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:1.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EFE8428-E00F-4E5F-8787-F63FEE93E617\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:1.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE4E9CC7-1BD8-490B-9C9B-E4A76EFAD13D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:1.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFAB0B1A-A9E5-4808-85EC-0BD2A3F753AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:1.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D1E892-05D5-4C79-AD12-7B7C0421E509\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CA6696D-D6CC-4C23-AB8F-91474BFC341E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B16D91A5-35F5-44F3-A515-8E4F27B563D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08974D05-C00C-438C-A76F-E17C191D0CE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81771BF8-0788-44B5-8694-AFF436FDECD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93BF53E9-CC37-4E31-9F34-2B569947887F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2D79478-665E-4D18-AAA6-BA51C41A4C74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A59FF59-BD73-4C13-AC51-98126ED46573\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99C83F0D-159B-4CFB-92C6-83D36225080A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B7A4BC0-43DF-4542-A54F-BF8B07F30B12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B926B035-659A-4F86-B680-CD1A6163F2D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A98BC57C-69AD-40F6-885B-3A560F69809F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71499D02-8989-4AA0-80FB-28860F103EB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B424D987-8421-4FE5-B9F7-0D4AB7AC921B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F58F12D-301C-4C4D-8F78-0B6A7B220B0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19A30CF4-508D-407B-A097-30331AF9D452\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E49FB5B-5BFA-4736-8F2C-C07188D0BC00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"883AE5CC-379E-41A7-A8B5-12671015F131\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B8D8FEA-89A2-4133-89D7-FD403D605E4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBDA2319-4C36-44A5-A1F2-E0F1EFC1DE23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E11322F8-93B7-457C-8993-B0A8D3274468\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADD35E28-313C-4CF7-AEC0-1C91316FF5B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B591779-643B-4E2E-9270-40748EDA1BA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB3C91C9-CFDC-4C51-B6AF-51F1560161A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9D67C30-F0CA-410B-8C3A-EA5536BC256E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80DB9D55-9BC2-416C-9A2A-021F4EC0E884\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B48E845-573C-4F07-8D69-F1A54CCEEDE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9642BA0F-CBBD-4FB5-8A20-BBCAD7EC31CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45C9FE2D-197A-45EB-BE40-B746B13F2C02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.2.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E07E462F-2163-430B-9315-75BFD00113C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F650FC0-1DF8-4432-92F5-4B4DCEFC2D39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"347BC012-5307-4B0F-A013-624ED455ABD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ED89DCC-0EFF-4665-BDE0-406155A46BDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EEB6C44-B615-46F8-A5DC-BEF25D932314\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"979D846B-9DD9-474A-A8BE-25334D2969B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDF5DE17-2061-4896-B7DA-CFDEF46E9652\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB528B71-8BF5-4D93-A1BC-DF0502AEA58F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0585DC0B-DFBB-466E-9D3D-86E19A4B88A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041B087D-4FBC-4EDC-AAC0-DF8A1D39980A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE4FB33B-5015-4620-BD21-3F0C916069EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"684E9118-30B2-476C-816E-CA4B2916017B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AF46B23-559C-4DF0-8510-C79F17ABF22B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD40A202-557B-495C-BBE5-DEC9FF97EE56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F3DB711-AE17-4B3B-9D45-C38CBDF418A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF2E6A8E-4C9B-46A1-B786-6C0B3A3395F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D049089-7FBD-41A6-8A5B-8497DA24C720\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20DEBEDF-3E64-4417-BC41-7F0E20C522F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF99B53-237E-468B-8B7F-A105FE40803B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5D5F196-4BA9-43EB-BE38-EE405C8CC0FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66C4022C-F1D4-4A58-8341-E22EAF943511\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5503DC6-40DB-4A84-984E-BDEED82F224A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90148D48-5DA5-46F9-AE96-618C427A5DA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"733E1435-CE73-4A39-97EB-304D2F45A838\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA80DA6E-CCE3-4CAF-B2A1-E6FF2B702D3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D08FD930-F2BC-47BC-86BC-07545D1431B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97DE028F-D0BE-435C-826D-CCBFFEBF3B31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E08EB15D-1842-41F4-9F19-FF6571055242\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:2.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43CF2BBF-83AA-451E-8E30-E040EFCF6F64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"409B29B1-E2E0-4CBD-83D0-F4CE67820F5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D325D4A-166A-4174-BEA8-1C6D47A8DDBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6AEBBD1-2320-42A3-8DCA-46DF61007349\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E54C09F8-F0F5-4BDF-868F-0B6A4609B3E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:3.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"132C1B54-0438-4239-B599-8160D494EE26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:3.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E5CCEAC-3D92-46DB-AC88-859ED5A5E277\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:3.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED68CE6A-2BF5-49F2-AEAE-199AAC94807B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.0.:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C589CD4-5A9E-41E1-BBFA-AF4BE2DD31E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E406BD-8CC3-4929-ABB2-F820F8C83823\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8685704C-C43D-4315-A541-4E04B7B08B69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39C1D452-A003-4DB1-A8CF-0F7FBB9A5811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4F8C79E-416F-4C88-B102-3BB60E969FAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F47849F-4466-4500-802C-260970D6A764\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C190DE39-ABEF-4DA1-A909-B9E98BD5A468\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77BB52FC-E320-47CD-A180-C22371D7AFEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01A746D6-4C15-49BD-B17C-2CA06FFA76D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.4.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8664CDC-6A09-45F0-B5CD-BE5688FDBB1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.5.90:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6897D7B8-F2A3-4A18-83AF-5473E971DCDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FEBBBEE-CE1D-4F4B-B0F7-428814B791BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.6.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0E27D80-E3C5-42A2-8794-56BA0D28EFB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.6.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2043930-ECC5-40C6-907E-C5AF2D3EE51D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.6.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"25706042-3E57-45D2-9917-5DDD818205FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.6.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"85B0DA93-4048-4F25-8D69-76F149D411BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"055D95AA-3797-437E-88FD-764D807B5E2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7164A1F5-EE8E-46C6-8E9E-D267CF5936ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62495EC6-B5DB-4AB2-840C-98AC4CE34990\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A87B2FBC-567D-4A1F-AA9C-5DA68C1AA4FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FCD5EE9-2D1F-4042-B53A-C5BA24265709\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BE5D6F9-304C-4A3F-AD8E-CD7F01F8AD97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63210F22-8DC0-4B0F-BAC3-962E319D36BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.9.0:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"65B5D793-77FC-4333-888A-57A913EA5BF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.9.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C2A6ADF-F539-4257-AE05-7316231106C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.9.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AF5D1C5-DDFC-4218-B3E2-0C34768DAC33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97928439-BB18-4F36-928C-D5FB6F08AC59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm:rpm:4.9.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B190E4B8-794A-4B6E-B3E5-83ABDD381315\"}]}]}],\"references\":[{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0451.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0531.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=e4eab2bc6d07cfd33f740071de7ddbb2fe2f4190\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=f23998251992b8ae25faf5113c42fee2c49c7f29\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rpm.org/wiki/Releases/4.9.1.3\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/48651\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/48716\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/49110\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:056\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.osvdb.org/81010\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/52865\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id?1026882\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1695-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=744858\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/74582\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://hermes.opensuse.org/messages/14440932\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://hermes.opensuse.org/messages/14441362\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0451.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0531.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=e4eab2bc6d07cfd33f740071de7ddbb2fe2f4190\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=f23998251992b8ae25faf5113c42fee2c49c7f29\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rpm.org/wiki/Releases/4.9.1.3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/48651\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/48716\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/49110\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:056\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/81010\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/52865\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1026882\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1695-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=744858\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/74582\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://hermes.opensuse.org/messages/14440932\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://hermes.opensuse.org/messages/14441362\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.