USN-1695-1: RPM vulnerabilities
17 January 2013
RPM could be made to crash or run programs if it opened a specially crafted package file.
- rpm - package manager for RPM
It was discovered that RPM incorrectly handled certain package headers. If
a user or automated system were tricked into installing a specially crafted
RPM package, an attacker could cause RPM to crash, resulting in a denial of
service, or possibly execute arbitrary code.