CVE-2010-2197
Gentoo Linux Security Advisory 201206-26
Severity Score
9.1
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax of spec files, which allows user-assisted remote attackers to remove home directories via vectors involving a ;~ (semicolon tilde) sequence in a Name tag.
rpmbuild en RPM v4.8.0 y anteriores no parse adecuadamente la sintáxis de archivos spec, lo que permite a atacantes asistidos por usuarios borrar directorios home a través de vectores relacionando una secuencia ;~ (punto y coma tilde) en la etiqueta Name.
Multiple vulnerabilities have been found in RPM, possibly allowing local attackers to gain elevated privileges or remote attackers to execute arbitrary code. Versions less than 4.9.1.3 are affected.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-06-08 CVE Reserved
- 2010-06-08 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=125517 | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/59423 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 1.2 Search vendor "Rpm" for product "Rpm" and version "1.2" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 1.3 Search vendor "Rpm" for product "Rpm" and version "1.3" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 1.3.1 Search vendor "Rpm" for product "Rpm" and version "1.3.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 1.4 Search vendor "Rpm" for product "Rpm" and version "1.4" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 1.4.2 Search vendor "Rpm" for product "Rpm" and version "1.4.2" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 1.4.2\/a Search vendor "Rpm" for product "Rpm" and version "1.4.2\/a" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 1.4.3 Search vendor "Rpm" for product "Rpm" and version "1.4.3" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 1.4.4 Search vendor "Rpm" for product "Rpm" and version "1.4.4" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 1.4.5 Search vendor "Rpm" for product "Rpm" and version "1.4.5" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 1.4.6 Search vendor "Rpm" for product "Rpm" and version "1.4.6" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 1.4.7 Search vendor "Rpm" for product "Rpm" and version "1.4.7" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2..4.10 Search vendor "Rpm" for product "Rpm" and version "2..4.10" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.0 Search vendor "Rpm" for product "Rpm" and version "2.0" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.0.1 Search vendor "Rpm" for product "Rpm" and version "2.0.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.0.2 Search vendor "Rpm" for product "Rpm" and version "2.0.2" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.0.3 Search vendor "Rpm" for product "Rpm" and version "2.0.3" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.0.4 Search vendor "Rpm" for product "Rpm" and version "2.0.4" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.0.5 Search vendor "Rpm" for product "Rpm" and version "2.0.5" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.0.6 Search vendor "Rpm" for product "Rpm" and version "2.0.6" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.0.7 Search vendor "Rpm" for product "Rpm" and version "2.0.7" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.0.8 Search vendor "Rpm" for product "Rpm" and version "2.0.8" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.0.9 Search vendor "Rpm" for product "Rpm" and version "2.0.9" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.0.10 Search vendor "Rpm" for product "Rpm" and version "2.0.10" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.0.11 Search vendor "Rpm" for product "Rpm" and version "2.0.11" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.1 Search vendor "Rpm" for product "Rpm" and version "2.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.1.1 Search vendor "Rpm" for product "Rpm" and version "2.1.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.1.2 Search vendor "Rpm" for product "Rpm" and version "2.1.2" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2 Search vendor "Rpm" for product "Rpm" and version "2.2" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2.1 Search vendor "Rpm" for product "Rpm" and version "2.2.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2.2 Search vendor "Rpm" for product "Rpm" and version "2.2.2" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2.3 Search vendor "Rpm" for product "Rpm" and version "2.2.3" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2.3.10 Search vendor "Rpm" for product "Rpm" and version "2.2.3.10" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2.3.11 Search vendor "Rpm" for product "Rpm" and version "2.2.3.11" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2.4 Search vendor "Rpm" for product "Rpm" and version "2.2.4" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2.5 Search vendor "Rpm" for product "Rpm" and version "2.2.5" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2.6 Search vendor "Rpm" for product "Rpm" and version "2.2.6" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2.7 Search vendor "Rpm" for product "Rpm" and version "2.2.7" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2.8 Search vendor "Rpm" for product "Rpm" and version "2.2.8" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2.9 Search vendor "Rpm" for product "Rpm" and version "2.2.9" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2.10 Search vendor "Rpm" for product "Rpm" and version "2.2.10" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.2.11 Search vendor "Rpm" for product "Rpm" and version "2.2.11" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.3 Search vendor "Rpm" for product "Rpm" and version "2.3" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.3.1 Search vendor "Rpm" for product "Rpm" and version "2.3.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.3.2 Search vendor "Rpm" for product "Rpm" and version "2.3.2" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.3.3 Search vendor "Rpm" for product "Rpm" and version "2.3.3" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.3.4 Search vendor "Rpm" for product "Rpm" and version "2.3.4" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.3.5 Search vendor "Rpm" for product "Rpm" and version "2.3.5" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.3.6 Search vendor "Rpm" for product "Rpm" and version "2.3.6" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.3.7 Search vendor "Rpm" for product "Rpm" and version "2.3.7" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.3.8 Search vendor "Rpm" for product "Rpm" and version "2.3.8" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.3.9 Search vendor "Rpm" for product "Rpm" and version "2.3.9" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.4.1 Search vendor "Rpm" for product "Rpm" and version "2.4.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.4.2 Search vendor "Rpm" for product "Rpm" and version "2.4.2" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.4.3 Search vendor "Rpm" for product "Rpm" and version "2.4.3" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.4.4 Search vendor "Rpm" for product "Rpm" and version "2.4.4" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.4.5 Search vendor "Rpm" for product "Rpm" and version "2.4.5" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.4.6 Search vendor "Rpm" for product "Rpm" and version "2.4.6" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.4.8 Search vendor "Rpm" for product "Rpm" and version "2.4.8" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.4.9 Search vendor "Rpm" for product "Rpm" and version "2.4.9" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.4.11 Search vendor "Rpm" for product "Rpm" and version "2.4.11" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.4.12 Search vendor "Rpm" for product "Rpm" and version "2.4.12" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.5 Search vendor "Rpm" for product "Rpm" and version "2.5" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.5.1 Search vendor "Rpm" for product "Rpm" and version "2.5.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.5.2 Search vendor "Rpm" for product "Rpm" and version "2.5.2" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.5.3 Search vendor "Rpm" for product "Rpm" and version "2.5.3" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.5.4 Search vendor "Rpm" for product "Rpm" and version "2.5.4" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.5.5 Search vendor "Rpm" for product "Rpm" and version "2.5.5" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.5.6 Search vendor "Rpm" for product "Rpm" and version "2.5.6" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 2.6.7 Search vendor "Rpm" for product "Rpm" and version "2.6.7" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 3.0 Search vendor "Rpm" for product "Rpm" and version "3.0" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 3.0.1 Search vendor "Rpm" for product "Rpm" and version "3.0.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 3.0.2 Search vendor "Rpm" for product "Rpm" and version "3.0.2" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 3.0.3 Search vendor "Rpm" for product "Rpm" and version "3.0.3" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 3.0.4 Search vendor "Rpm" for product "Rpm" and version "3.0.4" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 3.0.5 Search vendor "Rpm" for product "Rpm" and version "3.0.5" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 3.0.6 Search vendor "Rpm" for product "Rpm" and version "3.0.6" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.0. Search vendor "Rpm" for product "Rpm" and version "4.0." | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.0.1 Search vendor "Rpm" for product "Rpm" and version "4.0.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.0.2 Search vendor "Rpm" for product "Rpm" and version "4.0.2" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.0.3 Search vendor "Rpm" for product "Rpm" and version "4.0.3" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.0.4 Search vendor "Rpm" for product "Rpm" and version "4.0.4" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.1 Search vendor "Rpm" for product "Rpm" and version "4.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.3.3 Search vendor "Rpm" for product "Rpm" and version "4.3.3" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.4.2 Search vendor "Rpm" for product "Rpm" and version "4.4.2" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.4.2.1 Search vendor "Rpm" for product "Rpm" and version "4.4.2.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.4.2.2 Search vendor "Rpm" for product "Rpm" and version "4.4.2.2" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.4.2.3 Search vendor "Rpm" for product "Rpm" and version "4.4.2.3" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | <= 4.8.0 Search vendor "Rpm" for product "Rpm" and version " <= 4.8.0" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.6.0 Search vendor "Rpm" for product "Rpm" and version "4.6.0" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.6.1 Search vendor "Rpm" for product "Rpm" and version "4.6.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.7.0 Search vendor "Rpm" for product "Rpm" and version "4.7.0" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.7.1 Search vendor "Rpm" for product "Rpm" and version "4.7.1" | - |
Affected
| ||||||
| Rpm Search vendor "Rpm" | Rpm Search vendor "Rpm" for product "Rpm" | 4.7.2 Search vendor "Rpm" for product "Rpm" and version "4.7.2" | - |
Affected
| ||||||