Steffen Joeris
2007-Aug-06 15:47 UTC
[Pkg-xen-devel] Bug#436250: CVE-2007-0998: possible vulnerability
Package: xen-3.0 Severity: important Hi The following CVE[0] was issued against xen. Can you please check, if the Debian versions are affected? The CVE says: The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information. Cheers Steffen [0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0998
Seemingly Similar Threads
- Bug#451626: CVE-2007-5907, CVE-2007-5906 possible denial of service vulnerability
- Bug#490409: CVE-2008-2004: privilege escalation
- VuXML entry for CVE-2007-1870: ClamAV CAB File Unstore Buffer Overflow
- CVE-2016-8652 in dovecot
- Puppet Enterprise hotfixes for Ruby on Rails JSON Parser vulnerability [ CVE-2013-0333 ]
Wisdom of the Ancients
