Vulnerabilities > RPM > RPM
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-06-08 | CVE-2010-2197 | Permissions, Privileges, and Access Controls vulnerability in RPM rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax of spec files, which allows user-assisted remote attackers to remove home directories via vectors involving a ;~ (semicolon tilde) sequence in a Name tag. | 5.8 |
2010-06-08 | CVE-2005-4889 | Permissions, Privileges, and Access Controls vulnerability in RPM lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of an executable file during deletion of the file in an RPM package removal, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid or (2) setgid file, a related issue to CVE-2010-2059. | 7.2 |