Lucene search
HistoryNov 04, 2014 - 9:55 p.m.
CVE-2013-4527
cve-2013-4527
buffer overflow
qemu
arbitrary code execution
remote attackers
nvd
security vulnerability
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.7 High
AI Score
Confidence
High
0.063 Low
EPSS
Percentile
93.7%
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers.
Affected configurations
Node
qemuqemuRange≤1.7.1
ORqemuqemuMatch0.1.0
ORqemuqemuMatch0.1.1
ORqemuqemuMatch0.1.2
ORqemuqemuMatch0.1.3
ORqemuqemuMatch0.1.4
ORqemuqemuMatch0.1.5
ORqemuqemuMatch0.1.6
ORqemuqemuMatch0.2.0
ORqemuqemuMatch0.3.0
ORqemuqemuMatch0.4.0
ORqemuqemuMatch0.4.1
ORqemuqemuMatch0.4.2
ORqemuqemuMatch0.4.3
ORqemuqemuMatch0.5.0
ORqemuqemuMatch0.5.1
ORqemuqemuMatch0.5.2
ORqemuqemuMatch0.5.3
ORqemuqemuMatch0.5.4
ORqemuqemuMatch0.5.5
ORqemuqemuMatch0.6.0
ORqemuqemuMatch0.6.1
ORqemuqemuMatch0.7.0
ORqemuqemuMatch0.7.1
ORqemuqemuMatch0.7.2
ORqemuqemuMatch0.8.0
ORqemuqemuMatch0.8.1
ORqemuqemuMatch0.8.2
ORqemuqemuMatch0.9.0
ORqemuqemuMatch0.9.1
ORqemuqemuMatch0.9.1-5
ORqemuqemuMatch0.10.0
ORqemuqemuMatch0.10.1
ORqemuqemuMatch0.10.2
ORqemuqemuMatch0.10.3
ORqemuqemuMatch0.10.4
ORqemuqemuMatch0.10.5
ORqemuqemuMatch0.10.6
ORqemuqemuMatch0.11.0
ORqemuqemuMatch0.11.0rc0
ORqemuqemuMatch0.11.0rc1
ORqemuqemuMatch0.11.0rc2
ORqemuqemuMatch0.11.0-rc0
ORqemuqemuMatch0.11.0-rc1
ORqemuqemuMatch0.11.0-rc2
ORqemuqemuMatch0.11.1
ORqemuqemuMatch0.12.0
ORqemuqemuMatch0.12.0rc1
ORqemuqemuMatch0.12.0rc2
ORqemuqemuMatch0.12.1
ORqemuqemuMatch0.12.2
ORqemuqemuMatch0.12.3
ORqemuqemuMatch0.12.4
ORqemuqemuMatch0.12.5
ORqemuqemuMatch0.13.0
ORqemuqemuMatch0.13.0rc0
ORqemuqemuMatch0.13.0rc1
ORqemuqemuMatch0.14.0
ORqemuqemuMatch0.14.0rc0
ORqemuqemuMatch0.14.0rc1
ORqemuqemuMatch0.14.0rc2
ORqemuqemuMatch0.14.1
ORqemuqemuMatch0.15.0rc1
ORqemuqemuMatch0.15.0rc2
ORqemuqemuMatch0.15.1
ORqemuqemuMatch0.15.2
ORqemuqemuMatch1.0
ORqemuqemuMatch1.0rc1
ORqemuqemuMatch1.0rc2
ORqemuqemuMatch1.0rc3
ORqemuqemuMatch1.0rc4
ORqemuqemuMatch1.0.1
ORqemuqemuMatch1.1
ORqemuqemuMatch1.1rc1
ORqemuqemuMatch1.1rc2
ORqemuqemuMatch1.1rc3
ORqemuqemuMatch1.1rc4
ORqemuqemuMatch1.4.1
ORqemuqemuMatch1.4.2
ORqemuqemuMatch1.5.0
ORqemuqemuMatch1.5.0rc1
ORqemuqemuMatch1.5.0rc2
ORqemuqemuMatch1.5.0rc3
ORqemuqemuMatch1.5.1
ORqemuqemuMatch1.5.2
ORqemuqemuMatch1.5.3
ORqemuqemuMatch1.6.0
ORqemuqemuMatch1.6.0rc1
ORqemuqemuMatch1.6.0rc2
ORqemuqemuMatch1.6.0rc3
ORqemuqemuMatch1.6.1
ORqemuqemuMatch1.6.2
Related
ubuntucve
ubuntucve
CVE-2013-4527
2014-02-20 00:00:00
debiancve
debiancve
CVE-2013-4527
2014-11-04 21:55:24
prion
prion
Buffer overflow
2014-11-04 21:55:00
cvelist
cvelist
CVE-2013-4527
2014-11-04 21:00:00
nvd
nvd
CVE-2013-4527
2014-11-04 21:55:24
nessus
nessus
Oracle Linux 7 : qemu-kvm (ELSA-2014-0927)
2014-07-24 00:00:00
RHEL 7 : qemu-kvm (RHSA-2014:0927)
2014-07-30 00:00:00
CentOS 7 : qemu-kvm (CESA-2014:0927)
2014-07-26 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2014-0927)
2015-10-06 00:00:00
RedHat Update for qemu-kvm RHSA-2014:0927-01
2014-07-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0816-1)
2021-06-09 00:00:00
redhat
redhat
(RHSA-2014:1268) Moderate: qemu-kvm-rhev security update
2014-09-22 00:00:00
(RHSA-2014:0927) Moderate: qemu-kvm security and bug fix update
2014-07-23 00:00:00
oraclelinux
oraclelinux
qemu-kvm security and bug fix update
2014-07-23 00:00:00
qemu-kvm security, bug fix, and enhancement update
2015-03-11 00:00:00
centos
centos
libcacard, qemu security update
2014-07-25 13:23:24
fedora
fedora
[SECURITY] Fedora 20 Update: qemu-1.6.2-5.fc20
2014-05-16 10:01:41
ubuntu
ubuntu
QEMU vulnerabilities
2014-09-08 00:00:00
suse
suse
Security update for xen (important)
2016-07-06 11:08:39
Security update for xen (important)
2016-05-17 18:07:38
Security update for xen (important)
2016-04-05 17:08:00
mageia
mageia
Updated qemu packages fix multiple security vulnerabilities
2014-10-28 14:33:36
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.7 High
AI Score
Confidence
High
0.063 Low
EPSS
Percentile
93.7%
Related for CVE-2013-4527