CVE-2010-2239

2010-08-1918:00:03

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:S/C:C/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.001

Percentile

26.5%

JSON

Red Hat libvirt, possibly 0.6.0 through 0.8.2, creates new images without setting the user-defined backing-store format, which allows guest OS users to read arbitrary files on the host OS via unspecified vectors.

Affected configurations

Nvd

Node

libvirtlibvirtMatch0.6.0

libvirtlibvirtMatch0.6.1

libvirtlibvirtMatch0.6.2

libvirtlibvirtMatch0.6.3

libvirtlibvirtMatch0.6.4

libvirtlibvirtMatch0.6.5

libvirtlibvirtMatch0.7.0

libvirtlibvirtMatch0.7.1

libvirtlibvirtMatch0.7.2

libvirtlibvirtMatch0.7.3

libvirtlibvirtMatch0.7.4

libvirtlibvirtMatch0.7.5

libvirtlibvirtMatch0.7.6

libvirtlibvirtMatch0.7.7

libvirtlibvirtMatch0.8.0

libvirtlibvirtMatch0.8.1

libvirtlibvirtMatch0.8.2

VendorProductVersionCPE
libvirtlibvirt0.6.0cpe:2.3:a:libvirt:libvirt:0.6.0:*:*:*:*:*:*:*
libvirtlibvirt0.6.1cpe:2.3:a:libvirt:libvirt:0.6.1:*:*:*:*:*:*:*
libvirtlibvirt0.6.2cpe:2.3:a:libvirt:libvirt:0.6.2:*:*:*:*:*:*:*
libvirtlibvirt0.6.3cpe:2.3:a:libvirt:libvirt:0.6.3:*:*:*:*:*:*:*
libvirtlibvirt0.6.4cpe:2.3:a:libvirt:libvirt:0.6.4:*:*:*:*:*:*:*
libvirtlibvirt0.6.5cpe:2.3:a:libvirt:libvirt:0.6.5:*:*:*:*:*:*:*
libvirtlibvirt0.7.0cpe:2.3:a:libvirt:libvirt:0.7.0:*:*:*:*:*:*:*
libvirtlibvirt0.7.1cpe:2.3:a:libvirt:libvirt:0.7.1:*:*:*:*:*:*:*
libvirtlibvirt0.7.2cpe:2.3:a:libvirt:libvirt:0.7.2:*:*:*:*:*:*:*
libvirtlibvirt0.7.3cpe:2.3:a:libvirt:libvirt:0.7.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
libvirt	libvirt	0.6.0	cpe:2.3:a:libvirt:libvirt:0.6.0:::::::*
libvirt	libvirt	0.6.1	cpe:2.3:a:libvirt:libvirt:0.6.1:::::::*
libvirt	libvirt	0.6.2	cpe:2.3:a:libvirt:libvirt:0.6.2:::::::*
libvirt	libvirt	0.6.3	cpe:2.3:a:libvirt:libvirt:0.6.3:::::::*
libvirt	libvirt	0.6.4	cpe:2.3:a:libvirt:libvirt:0.6.4:::::::*
libvirt	libvirt	0.6.5	cpe:2.3:a:libvirt:libvirt:0.6.5:::::::*
libvirt	libvirt	0.7.0	cpe:2.3:a:libvirt:libvirt:0.7.0:::::::*
libvirt	libvirt	0.7.1	cpe:2.3:a:libvirt:libvirt:0.7.1:::::::*
libvirt	libvirt	0.7.2	cpe:2.3:a:libvirt:libvirt:0.7.2:::::::*
libvirt	libvirt	0.7.3	cpe:2.3:a:libvirt:libvirt:0.7.3:::::::*