Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2016-3712
HistoryMay 11, 2016 - 9:59 p.m.

CVE-2016-3712

2016-05-1121:59:02
CWE-190
[email protected]
web.nvd.nist.gov
6

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0.002

Percentile

59.8%

JSON

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

Affected configurations

Nvd
Node
oraclevm_serverMatch3.3x86
OR
oraclevm_serverMatch3.4x86
Node
qemuqemuRange2.5.1
OR
qemuqemuMatch2.6.0rc0
OR
qemuqemuMatch2.6.0rc1
OR
qemuqemuMatch2.6.0rc2
OR
qemuqemuMatch2.6.0rc3
OR
qemuqemuMatch2.6.0rc4
Node
canonicalubuntu_linuxMatch12.04lts
OR
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch15.10
OR
canonicalubuntu_linuxMatch16.04lts
Node
debiandebian_linuxMatch8.0
Node
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_desktopMatch7.0
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_serverMatch7.0
OR
redhatenterprise_linux_server_ausMatch7.3
OR
redhatenterprise_linux_server_ausMatch7.4
OR
redhatenterprise_linux_server_ausMatch7.6
OR
redhatenterprise_linux_server_ausMatch7.7
OR
redhatenterprise_linux_server_eusMatch7.3
OR
redhatenterprise_linux_server_eusMatch7.4
OR
redhatenterprise_linux_server_eusMatch7.5
OR
redhatenterprise_linux_server_eusMatch7.6
OR
redhatenterprise_linux_server_eusMatch7.7
OR
redhatenterprise_linux_server_tusMatch7.3
OR
redhatenterprise_linux_server_tusMatch7.6
OR
redhatenterprise_linux_server_tusMatch7.7
OR
redhatenterprise_linux_workstationMatch6.0
OR
redhatenterprise_linux_workstationMatch7.0
Node
citrixxenserverRange7.0
VendorProductVersionCPE
oraclevm_server3.3cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:x86:*
oraclevm_server3.4cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:x86:*
qemuqemu*cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
qemuqemu2.6.0cpe:2.3:a:qemu:qemu:2.6.0:rc0:*:*:*:*:*:*
qemuqemu2.6.0cpe:2.3:a:qemu:qemu:2.6.0:rc1:*:*:*:*:*:*
qemuqemu2.6.0cpe:2.3:a:qemu:qemu:2.6.0:rc2:*:*:*:*:*:*
qemuqemu2.6.0cpe:2.3:a:qemu:qemu:2.6.0:rc3:*:*:*:*:*:*
qemuqemu2.6.0cpe:2.3:a:qemu:qemu:2.6.0:rc4:*:*:*:*:*:*
canonicalubuntu_linux12.04cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
canonicalubuntu_linux14.04cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Rows per page:
1-10 of 321

Related

redhat 2
openvas 27
ubuntucve 1
centos 2
prion 1
nessus 41
cve 1
debiancve 1
cvelist 1
veracode 1
debian 5
fedora 5
xen 1
osv 6
freebsd 1
oraclelinux 4
archlinux 2
ubuntu 1
mageia 2
suse 9
redhat
redhat
(RHSA-2017:0621) Moderate: qemu-kvm security and bug fix update
2017-03-21 06:17:43
(RHSA-2016:2585) Moderate: qemu-kvm security, bug fix, and enhancement update
2016-11-03 06:07:15
openvas
openvas
RedHat Update for qemu-kvm RHSA-2017:0621-01
2017-03-22 00:00:00
Debian: Security Advisory (DLA-540-1)
2023-03-08 00:00:00
Debian Security Advisory DSA 3573-1 (qemu - security update)
2016-05-09 00:00:00
ubuntucve
ubuntucve
CVE-2016-3712
2016-05-09 00:00:00
centos
centos
qemu security update
2017-03-24 15:42:25
qemu security update
2016-11-25 16:01:55
prion
prion
Integer overflow
2016-05-11 21:59:00
nessus
nessus
Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20170321)
2017-04-06 00:00:00
CentOS 6 : qemu-kvm (CESA-2017:0621)
2017-03-27 00:00:00
RHEL 6 : qemu-kvm (RHSA-2017:0621)
2017-03-22 00:00:00
cve
cve
CVE-2016-3712
2016-05-11 21:59:02
debiancve
debiancve
CVE-2016-3712
2016-05-11 21:59:02
cvelist
cvelist
CVE-2016-3712
2016-05-11 21:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:16:25
debian
debian
[SECURITY] [DSA 3573-1] qemu security update
2016-05-09 20:28:27
[SECURITY] [DLA 539-1] qemu-kvm security update
2016-07-01 08:46:52
[SECURITY] [DSA 3573-1] qemu security update
2016-05-09 20:28:27
fedora
fedora
[SECURITY] Fedora 24 Update: xen-4.6.1-8.fc24
2016-05-16 16:33:45
[SECURITY] Fedora 23 Update: xen-4.5.3-3.fc23
2016-05-12 07:32:01
[SECURITY] Fedora 22 Update: xen-4.5.3-5.fc22
2016-05-28 23:24:56
xen
xen
QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds checks
2016-05-09 11:48:00
osv
osv
qemu - security update
2016-05-09 00:00:00
qemu-kvm - security update
2016-07-01 00:00:00
qemu - security update
2016-07-01 00:00:00
freebsd
freebsd
xen-tools -- QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds checks
2016-05-09 00:00:00
oraclelinux
oraclelinux
qemu-kvm security update
2016-08-09 00:00:00
qemu-kvm security update
2016-08-11 00:00:00
qemu-kvm security, bug fix, and enhancement update
2016-11-09 00:00:00
archlinux
archlinux
qemu-arch-extra: multiple issues
2016-06-08 00:00:00
qemu: multiple issues
2016-06-08 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2016-05-12 00:00:00
mageia
mageia
Updated qemu packages fix security vulnerabilities
2016-05-18 23:14:22
Updated xen packages fix security vulnerability
2017-01-09 23:29:57
suse
suse
Security update for xen (important)
2016-11-04 15:11:21
Security update for kvm (important)
2016-07-11 16:39:09
Security update for qemu (important)
2016-06-29 11:07:43

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0.002

Percentile

59.8%

JSON
Related for NVD:CVE-2016-3712
redhat2openvas27ubuntucve1centos2prion1nessus41cve1debiancve1cvelist1veracode1debian5fedora5xen1osv6freebsd1oraclelinux4archlinux2ubuntu1mageia2suse9