[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253650

 
 

909

 
 

197367

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-1922Date: (C)2013-05-14   (M)2023-12-22


qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted, a different vulnerability than CVE-2008-2004.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 3.3
Exploit Score: 3.4
Impact Score: 4.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: NONE
  
Reference:
SECTRACK-1028426
SECUNIA-55082
FEDORA-2013-6185
FEDORA-2013-6211
FEDORA-2013-6221
GLSA-201309-24
http://www.openwall.com/lists/oss-security/2013/04/15/3
http://www.openwall.com/lists/oss-security/2013/04/16/2

CPE    3
cpe:/o:xen:xen:4.2.2
cpe:/o:xen:xen:4.2.1
cpe:/o:xen:xen:4.2.0
CWE    1
CWE-264
OVAL    19
oval:org.secpod.oval:def:106089
oval:org.secpod.oval:def:104917
oval:org.secpod.oval:def:104859
oval:org.secpod.oval:def:106208
...

© SecPod Technologies