Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 10.0
CVE Id: CVE-2014-8118
Last Modified: 10 Sep 2015 11:29:19
Published: 16 Dec 2014 01:59:06
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2014-8118

Summary

Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.

Vulnerable Systems

Application

  • Rpm 1.2

  • Rpm 1.3

  • Rpm 1.3.1

  • Rpm 1.4

  • Rpm 1.4.1

  • Rpm 1.4.2

  • Rpm 1.4.2/a

  • Rpm 1.4.3

  • Rpm 1.4.4

  • Rpm 1.4.5

  • Rpm 1.4.6

  • Rpm 1.4.7

  • Rpm 2.0

  • Rpm 2.0.1

  • Rpm 2.0.10

  • Rpm 2.0.11

  • Rpm 2.0.2

  • Rpm 2.0.3

  • Rpm 2.0.4

  • Rpm 2.0.5

  • Rpm 2.0.6

  • Rpm 2.0.7

  • Rpm 2.0.8

  • Rpm 2.0.9

  • Rpm 2.1

  • Rpm 2.1.1

  • Rpm 2.1.2

  • Rpm 2.2

  • Rpm 2.2.1

  • Rpm 2.2.10

  • Rpm 2.2.11

  • Rpm 2.2.2

  • Rpm 2.2.3

  • Rpm 2.2.3.10

  • Rpm 2.2.3.11

  • Rpm 2.2.4

  • Rpm 2.2.5

  • Rpm 2.2.6

  • Rpm 2.2.7

  • Rpm 2.2.8

  • Rpm 2.2.9

  • Rpm 2.3

  • Rpm 2.3.1

  • Rpm 2.3.2

  • Rpm 2.3.3

  • Rpm 2.3.4

  • Rpm 2.3.5

  • Rpm 2.3.6

  • Rpm 2.3.7

  • Rpm 2.3.8

  • Rpm 2.3.9

  • Rpm 2.4.1

  • Rpm 2.4.11

  • Rpm 2.4.12

  • Rpm 2.4.2

  • Rpm 2.4.3

  • Rpm 2.4.4

  • Rpm 2.4.5

  • Rpm 2.4.6

  • Rpm 2.4.8

  • Rpm 2.4.9

  • Rpm 2.5

  • Rpm 2.5.1

  • Rpm 2.5.2

  • Rpm 2.5.3

  • Rpm 2.5.4

  • Rpm 2.5.5

  • Rpm 2.5.6

  • Rpm 2.6.7

  • Rpm 3.0

  • Rpm 3.0.1

  • Rpm 3.0.2

  • Rpm 3.0.3

  • Rpm 3.0.4

  • Rpm 3.0.5

  • Rpm 3.0.6

  • Rpm 4.0.

  • Rpm 4.0.1

  • Rpm 4.0.2

  • Rpm 4.0.3

  • Rpm 4.0.4

  • Rpm 4.1

  • Rpm 4.10.0

  • Rpm 4.10.1

  • Rpm 4.10.2

  • Rpm 4.12.0

  • Rpm 4.3.3

  • Rpm 4.4.2.1

  • Rpm 4.4.2.2

  • Rpm 4.4.2.3

  • Rpm 4.5.90

  • Rpm 4.6.0

  • Rpm 4.6.1

  • Rpm 4.7.0

  • Rpm 4.7.1

  • Rpm 4.7.2

  • Rpm 4.8.0

  • Rpm 4.8.1

  • Rpm 4.9.0

  • Rpm 4.9.1

  • Rpm 4.9.1.1

  • Rpm 4.9.1.2


References

REDHAT - RHSA-2014:1976

DEBIAN - DSA-3129

MANDRIVA - MDVSA-2015:056

MANDRIVA - MDVSA-2014:251

CONFIRM - http://advisories.mageia.org/MGASA-2014-0529.html


Last Updated: 27 May 2016 11:07:18