Vulnerability Description
RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execute arbitrary code via corrupted data in the RPM file when the file is queried.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Redhat Package Manager | 4.0.2-71 |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000440
- http://www.securityfocus.com/archive/1/222542ExploitVendor Advisory
- http://www.securityfocus.com/bid/3472PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7349
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000440
- http://www.securityfocus.com/archive/1/222542ExploitVendor Advisory
- http://www.securityfocus.com/bid/3472PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7349
FAQ
What is CVE-2001-0923?
CVE-2001-0923 is a vulnerability with a CVSS score of 7.2 (HIGH). RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execute arbitrary code via corrupted data in the RPM file when the file is queried.
How severe is CVE-2001-0923?
CVE-2001-0923 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0923?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Redhat Package Manager.