7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
28.2%
Aurelien Jarno reports:
CVE-2008-4539: fix a heap overflow in Cirrus emulation
The code in hw/cirrus_vga.c has changed a lot between
CVE-2007-1320 has been announced and the patch has been applied.
As a consequence it has wrongly applied and QEMU is still
vulnerable to this bug if using VNC.