LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

rpm: arbitrary code execution

Package(s):rpm CVE #(s):CVE-2006-5466
Created:November 6, 2006 Updated:August 28, 2007
Description: An error was found in the RPM library's handling of query reports. In some locales, certain RPM packages would cause the library to crash. If a user was tricked into querying a specially crafted RPM package, the flaw could be exploited to execute arbitrary code with the user's privileges.
Alerts:
Fedora FEDORA-2007-668 2007-08-27
Gentoo 200611-08 2006-11-13
Mandriva MDKSA-2006:200 2006-11-07
Ubuntu USN-378-1 2006-11-04
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds