[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

247085

 
 

909

 
 

194218

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-3209Date: (C)2015-06-15   (M)2023-12-22


Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1032545
BID-75123
DSA-3284
DSA-3285
DSA-3286
FEDORA-2015-10001
FEDORA-2015-9965
FEDORA-2015-9978
GLSA-201510-02
GLSA-201604-03
RHSA-2015:1087
RHSA-2015:1088
RHSA-2015:1089
RHSA-2015:1189
SUSE-SU-2015:1042
SUSE-SU-2015:1045
SUSE-SU-2015:1152
SUSE-SU-2015:1156
SUSE-SU-2015:1157
SUSE-SU-2015:1206
SUSE-SU-2015:1426
SUSE-SU-2015:1519
SUSE-SU-2015:1643
USN-2630-1
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698
http://xenbits.xen.org/xsa/advisory-135.html
https://kb.juniper.net/JSA10783
https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13

CWE    1
CWE-787
OVAL    19
oval:org.secpod.oval:def:109347
oval:org.secpod.oval:def:109402
oval:org.secpod.oval:def:109225
oval:org.secpod.oval:def:602139
...

© SecPod Technologies