PT-2011-3994 · Suse · Kiwi+1
Published
2011-08-23
·
Updated
2017-08-29
·
CVE-2011-2645
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Kiwi versions prior to 3.74.2
SUSE Studio versions prior to 1.1.4
Description
The issue allows remote attackers to execute arbitrary code via a crafted filename for a custom RPM.
Recommendations
For Kiwi versions prior to 3.74.2, update to version 3.74.2 or later.
For SUSE Studio versions prior to 1.1.4, update to version 1.1.4 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Kiwi
Suse Studio