Lucene search

[email protected]CVE-2013-4538

HistoryNov 04, 2014 - 9:55 p.m.

CVE-2013-4538

2014-11-0421:55:24

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-4538

buffer overflow

qemu

denial of service

memory corruption

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.2 High

AI Score

Confidence

High

0.065 Low

EPSS

Percentile

93.8%

JSON

Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image.

Affected configurations

NVD

Node

qemuqemuRange≤1.7.1

qemuqemuMatch0.1.0

qemuqemuMatch0.1.1

qemuqemuMatch0.1.2

qemuqemuMatch0.1.3

qemuqemuMatch0.1.4

qemuqemuMatch0.1.5

qemuqemuMatch0.1.6

qemuqemuMatch0.2.0

qemuqemuMatch0.3.0

qemuqemuMatch0.4.0

qemuqemuMatch0.4.1

qemuqemuMatch0.4.2

qemuqemuMatch0.4.3

qemuqemuMatch0.5.0

qemuqemuMatch0.5.1

qemuqemuMatch0.5.2

qemuqemuMatch0.5.3

qemuqemuMatch0.5.4

qemuqemuMatch0.5.5

qemuqemuMatch0.6.0

qemuqemuMatch0.6.1

qemuqemuMatch0.7.0

qemuqemuMatch0.7.1

qemuqemuMatch0.7.2

qemuqemuMatch0.8.0

qemuqemuMatch0.8.1

qemuqemuMatch0.8.2

qemuqemuMatch0.9.0

qemuqemuMatch0.9.1

qemuqemuMatch0.9.1-5

qemuqemuMatch0.10.0

qemuqemuMatch0.10.1

qemuqemuMatch0.10.2

qemuqemuMatch0.10.3

qemuqemuMatch0.10.4

qemuqemuMatch0.10.5

qemuqemuMatch0.10.6

qemuqemuMatch0.11.0

qemuqemuMatch0.11.0rc0

qemuqemuMatch0.11.0rc1

qemuqemuMatch0.11.0rc2

qemuqemuMatch0.11.0-rc0

qemuqemuMatch0.11.0-rc1

qemuqemuMatch0.11.0-rc2

qemuqemuMatch0.11.1

qemuqemuMatch0.12.0

qemuqemuMatch0.12.0rc1

qemuqemuMatch0.12.0rc2

qemuqemuMatch0.12.1

qemuqemuMatch0.12.2

qemuqemuMatch0.12.3

qemuqemuMatch0.12.4

qemuqemuMatch0.12.5

qemuqemuMatch0.13.0

qemuqemuMatch0.13.0rc0

qemuqemuMatch0.13.0rc1

qemuqemuMatch0.14.0

qemuqemuMatch0.14.0rc0

qemuqemuMatch0.14.0rc1

qemuqemuMatch0.14.0rc2

qemuqemuMatch0.14.1

qemuqemuMatch0.15.0rc1

qemuqemuMatch0.15.0rc2

qemuqemuMatch0.15.1

qemuqemuMatch0.15.2

qemuqemuMatch1.0

qemuqemuMatch1.0rc1

qemuqemuMatch1.0rc2

qemuqemuMatch1.0rc3

qemuqemuMatch1.0rc4

qemuqemuMatch1.0.1

qemuqemuMatch1.1

qemuqemuMatch1.1rc1

qemuqemuMatch1.1rc2

qemuqemuMatch1.1rc3

qemuqemuMatch1.1rc4

qemuqemuMatch1.4.1

qemuqemuMatch1.4.2

qemuqemuMatch1.5.0

qemuqemuMatch1.5.0rc1

qemuqemuMatch1.5.0rc2

qemuqemuMatch1.5.0rc3

qemuqemuMatch1.5.1

qemuqemuMatch1.5.2

qemuqemuMatch1.5.3

qemuqemuMatch1.6.0

qemuqemuMatch1.6.0rc1

qemuqemuMatch1.6.0rc2

qemuqemuMatch1.6.0rc3

qemuqemuMatch1.6.1

qemuqemuMatch1.6.2

CPENameOperatorVersion
qemu:qemuqemule1.7.1
qemu:qemuqemueq0.1.0
qemu:qemuqemueq0.1.1
qemu:qemuqemueq0.1.2
qemu:qemuqemueq0.1.3
qemu:qemuqemueq0.1.4
qemu:qemuqemueq0.1.5
qemu:qemuqemueq0.1.6
qemu:qemuqemueq0.2.0
qemu:qemuqemueq0.3.0

CPE	Name	Operator	Version
qemu:qemu	qemu	le	1.7.1
qemu:qemu	qemu	eq	0.1.0
qemu:qemu	qemu	eq	0.1.1
qemu:qemu	qemu	eq	0.1.2
qemu:qemu	qemu	eq	0.1.3
qemu:qemu	qemu	eq	0.1.4
qemu:qemu	qemu	eq	0.1.5
qemu:qemu	qemu	eq	0.1.6
qemu:qemu	qemu	eq	0.2.0
qemu:qemu	qemu	eq	0.3.0