CVE-2013-6435 (retired)

Priority
Description
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute
arbitrary code via a crafted RPM file whose installation extracts the
contents to temporary files before validating the signature, as
demonstrated by installing a file in the /etc/cron.d directory.
Assigned-to
mdeslaur
Package
Source: rpm (LP Ubuntu Debian)
Upstream:released (4.11.3-1.1)
Ubuntu 14.04 LTS (Trusty Tahr):released (4.11.1-3ubuntu0.1)
More Information

Updated: 2019-03-26 12:11:07 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)