5.4

CVE-2006-5466

Exploit
Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RpmPackage Manager Version4.4.8
UbuntuUbuntu Linux Version6.06_lts
UbuntuUbuntu Linux Version6.10 Editioni386
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.58% 0.879
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.4 4.9 6.9
AV:N/AC:H/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/22740
Vendor Advisory
Exploit
http://secunia.com/advisories/22745
Patch
Vendor Advisory
http://secunia.com/advisories/22768
http://secunia.com/advisories/22854
http://security.gentoo.org/glsa/glsa-200611-08.xml
http://securitytracker.com/id?1017160
http://www.mandriva.com/security/advisories?name=MDKSA-2006:200
http://www.securityfocus.com/bid/20906
http://www.ubuntu.com/usn/usn-378-1
Patch
http://www.vupen.com/english/advisories/2006/4350
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=212833
Exploit