Security Advisory

CVE-2013-6435

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-12-16 18:00:00

Last updated 2024-08-06 17:39:01

Assigner redhat

State PUBLISHED

Description

Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.

← Browse all CVEs View on cve.org ↗