CVSS: 5.4EPSS: 3%CPEs: 3EXPL: 2CVE-2006-5466
https://notcve.org/view.php?id=CVE-2006-5466
Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages. Desbordamiento de búfer basado en montón en la función shoqQueryPackage en librpm en RPM Package Manager 4.4.8, cuando la variable de entorno LANG tiene el valor ru_RU.UTF-8, podría permitir a atacantes con la intervención del usuario ejecutar código de su elección mediante paquetes RPM manipulados. • http://secunia.com/advisories/22740 http://secunia.com/advisories/22745 http://secunia.com/advisories/22768 http://secunia.com/advisories/22854 http://security.gentoo.org/glsa/glsa-200611-08.xml http://securitytracker.com/id?1017160 http://www.mandriva.com/security/advisories?name=MDKSA-2006:200 http://www.securityfocus.com/bid/20906 http://www.ubuntu.com/usn/usn-378-1 http://www.vupen.com/english/advisories/2006/4350 https://bugzilla.redhat.com/bugzilla/show_bug.cgi? •