[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-1945Date: (C)2008-08-08   (M)2023-12-22


QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
SECTRACK-1020959
BID-30604
SECUNIA-32063
SECUNIA-32088
SECUNIA-34642
SECUNIA-35031
SECUNIA-35062
DSA-1799
MDVSA-2008:162
RHSA-2008:0892
SUSE-SR:2009:008
USN-776-1
oval:org.mitre.oval:def:9905
qemu-image-security-bypass(44269)

CPE    8
cpe:/o:opensuse:opensuse:11.1
cpe:/o:opensuse:opensuse:11.0
cpe:/o:opensuse:opensuse:10.3
cpe:/o:debian:debian_linux:4.0
...
OVAL    4
oval:org.secpod.oval:def:600320
oval:org.secpod.oval:def:301614
oval:org.mitre.oval:def:7873
oval:org.secpod.oval:def:700423
...

© SecPod Technologies