rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax of spec files, which allows user-assisted remote attackers to remove home directories via vectors involving a ;~ (semicolon tilde) sequence in a Name tag.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-07T02:25:06.997Z
Reserved: 2010-06-08T00:00:00
Link: CVE-2010-2197

No data.

Status : Modified
Published: 2010-06-08T18:30:10.083
Modified: 2024-11-21T01:16:08.183
Link: CVE-2010-2197
