PRIOn knowledge basePRION:CVE-2008-5714Code injection
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.
References
lists.gnu.org/archive/html/qemu-devel/2008-11/msg01224.html
lists.gnu.org/archive/html/qemu-devel/2008-12/msg00498.html
lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
secunia.com/advisories/33568
secunia.com/advisories/34642
secunia.com/advisories/35062
svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&revision=5966
svn.savannah.gnu.org/viewvc/trunk/monitor.c?root=qemu&r1=5966&r2=5965&pathrev=5966
www.securityfocus.com/bid/33020
www.ubuntu.com/usn/usn-776-1
exchange.xforce.ibmcloud.com/vulnerabilities/47683
Related
