|Date: (C)2008-12-24 (M)2017-08-08|
|CVSS Score: 7.8||Access Vector: NETWORK|
|Exploitability Subscore: 10.0||Access Complexity: LOW|
|Impact Subscore: 6.9||Authentication: NONE|
| ||Confidentiality: COMPLETE|
| ||Integrity: NONE|
| ||Availability: NONE|
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.