[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-2044Date: (C)2015-03-13   (M)2023-12-22


The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
SECTRACK-1031806
SECTRACK-1031836
BID-72954
DSA-3181
FEDORA-2015-3721
FEDORA-2015-3935
FEDORA-2015-3944
GLSA-201504-04
http://support.citrix.com/article/CTX200484
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-423503.htm
http://xenbits.xen.org/xsa/advisory-121.html
openSUSE-SU-2015:0732

CPE    32
cpe:/o:xen:xen:4.1.6.1
cpe:/o:xen:xen:4.1.0
cpe:/o:xen:xen:4.5.0
cpe:/o:xen:xen:4.1.4
...
CWE    1
CWE-200
OVAL    14
oval:org.secpod.oval:def:108686
oval:org.secpod.oval:def:108802
oval:org.secpod.oval:def:108681
oval:org.secpod.oval:def:108883
...

© SecPod Technologies