Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-2007HistoryMay 21, 2013 - 6:55 p.m.
CVE-2013-2007
2013-05-2118:55:02
Debian Security Bug Tracker
security-tracker.debian.org
17
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | qemu | < 1:7.2+dfsg-7+deb12u6 | qemu_1:7.2+dfsg-7+deb12u6_all.deb |
| Debian | 11 | all | qemu | < 1:5.2+dfsg-11+deb11u3 | qemu_1:5.2+dfsg-11+deb11u3_all.deb |
| Debian | 999 | all | qemu | < 1:8.2.5+ds-2 | qemu_1:8.2.5+ds-2_all.deb |
| Debian | 13 | all | qemu | < 1:8.2.4+ds-1 | qemu_1:8.2.4+ds-1_all.deb |
Related
nessus
nessus
Oracle Linux 6 : qemu-kvm (ELSA-2013-0896)
2013-07-12 00:00:00
RHEL 6 : qemu-kvm (RHSA-2013:0896)
2013-06-03 00:00:00
SuSE 11.2 Security Update : KVM (SAT Patch Number 7906)
2013-07-19 00:00:00
veracode
veracode
Information Disclosure
2019-01-15 08:52:36
centos
centos
qemu security update
2013-06-03 23:30:45
openvas
openvas
CentOS Update for qemu-guest-agent CESA-2013:0896 centos6
2013-06-04 00:00:00
Mageia: Security Advisory (MGASA-2013-0169)
2022-01-28 00:00:00
RedHat Update for qemu-kvm RHSA-2013:0896-01
2013-06-04 00:00:00
cvelist
cvelist
CVE-2013-2007
2013-05-21 18:00:00
prion
prion
Design/Logic Flaw
2013-05-21 18:55:00
redhat
redhat
(RHSA-2013:0896) Moderate: qemu-kvm security and bug fix update
2013-06-03 00:00:00
(RHSA-2013:0791) Moderate: qemu-kvm-rhev security and bug fix update
2013-06-03 00:00:00
ubuntucve
ubuntucve
CVE-2013-2007
2013-05-21 00:00:00
nvd
nvd
CVE-2013-2007
2013-05-21 18:55:02
xen
xen
qemu guest agent (qga) insecure file permissions
2013-05-06 15:00:00
cve
cve
CVE-2013-2007
2013-05-21 18:55:02
mageia
mageia
Updated qemu packages fix security vulnerability
2013-06-18 18:55:07
oraclelinux
oraclelinux
qemu-kvm security and bug fix update
2013-06-03 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: qemu-1.2.2-13.fc18
2013-07-01 01:42:44
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2013-2007