[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-2238Date: (C)2010-08-19   (M)2023-12-22


Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-image backing stores without extracting the defined disk backing-store format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown vectors.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.4
Exploit Score: 2.7
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality: COMPLETE
Integrity: NONE
Availability: NONE
  
Reference:
ADV-2010-2763
FEDORA-2010-10960
FEDORA-2010-11021
SUSE-SR:2010:017
USN-1008-1
USN-1008-2
USN-1008-3
http://libvirt.org/news.html
https://bugzilla.redhat.com/show_bug.cgi?id=607811

CWE    1
CWE-264
OVAL    6
oval:org.secpod.oval:def:700050
oval:org.secpod.oval:def:100629
oval:org.secpod.oval:def:700090
oval:org.secpod.oval:def:100600
...

© SecPod Technologies