RedhatCVE-2012-5512

HistoryDec 13, 2012 - 11:53 a.m.

CVE-2012-5512

2012-12-1311:53:48

CWE-16

redhat

web.nvd.nist.gov

xen 4.1

hvmop_set_mem_access

array index error

denial of service

crash

sensitive information

nvd

CVSS2

3.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:N/A:P

AI Score

3.7

Confidence

High

EPSS

0.001

Percentile

29.2%

JSON

Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors.

Affected configurations

Nvd

Node

citrixxenserverMatch4.1.0

VendorProductVersionCPE
citrixxenserver4.1.0cpe:2.3:a:citrix:xenserver:4.1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
citrix	xenserver	4.1.0	cpe:2.3:a:citrix:xenserver:4.1.0:::::::*

References

lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html

lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html

lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html

secunia.com/advisories/51397

secunia.com/advisories/51486

secunia.com/advisories/51487

secunia.com/advisories/55082

security.gentoo.org/glsa/glsa-201309-24.xml

support.citrix.com/article/CTX135777

www.openwall.com/lists/oss-security/2012/12/03/7

www.osvdb.org/88132

www.securityfocus.com/bid/56799

exchange.xforce.ibmcloud.com/vulnerabilities/80481

CVSS2

3.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:N/A:P

AI Score

3.7

Confidence

High

EPSS

0.001

Percentile

29.2%

JSON

Related for CVE-2012-5512