[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2015-3209

Date: (C)2015-06-15   (M)2017-09-22
 
CVSS Score: 7.5Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.

Reference:
SECTRACK-1032545
BID-75123
DSA-3286
FEDORA-2015-10001
FEDORA-2015-9965
FEDORA-2015-9978
GLSA-201510-02
GLSA-201604-03
RHSA-2015:1087
RHSA-2015:1088
RHSA-2015:1089
SUSE-SU-2015:1042
SUSE-SU-2015:1045
SUSE-SU-2015:1152
SUSE-SU-2015:1156
SUSE-SU-2015:1157
SUSE-SU-2015:1206
SUSE-SU-2015:1426
SUSE-SU-2015:1519
SUSE-SU-2015:1643
USN-2630-1
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698
http://xenbits.xen.org/xsa/advisory-135.html
https://kb.juniper.net/JSA10783

CPE    2
cpe:/o:xen:xen:4.5.0
cpe:/a:qemu:qemu:-
CWE    1
CWE-119
OVAL    18
oval:org.secpod.oval:def:602139
oval:org.secpod.oval:def:501574
oval:org.secpod.oval:def:203640
oval:org.secpod.oval:def:203654
...

© 2013 SecPod Technologies