CVE-2011-2515

Summary

PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.

Affected Software

VendorProductVersion RangeStatus
packagekitpackagekit0.6.15affected
packagekitpackagekit0.6.17affected

Weaknesses

  • installs unsigned RPM packages as though they were signed

ADP Enrichment

CVE Program Container

Additional References

References