HomeRpmCVE-2012-0061

CVE-2012-0061

UNKNOWN
6.8CVSS
Published: 2012-06-04
Updated: 2025-04-11
AI Analysis

Description

The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a package header.

CVSS Metrics

Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Access Vector
network
Access Cmplx
medium
Auth
none
Confidentiality
partial
Integrity
partial
Availability
partial
Weaknesses
CWE-20

Metadata

Primary Vendor
RPM
Published
6/4/2012
Last Modified
4/11/2025
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

rpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpmrpm : rpm

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2012-0061 | UNKNOWN Severity | CVEDatabase.com | CVEDatabase.com