RedHat RPM Corrupt Query Vulnerability

RedHat Package Management (RPM) is a system used to package, distribute and install software. A vulnerability exists in version 4.0.2-7x which causes arbitrary code to execute when a maliciously constructed package is queried.

This also affects programs using the rpm-4.0.x libraries, including rpm2html. It is possible that earlier 4.0.x packages are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus