Lucene search

K

Veracode Vulnerability DatabaseVERACODE:23427

HistoryApr 10, 2020 - 12:26 a.m.

Arbitrary Code Execution

2020-04-1000:26:31

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

9

0.0004 Low

EPSS

Percentile

5.1%

xen is vulnerable to arbitrary code execution. The hypervisor’s para-virtualized framebuffer (PVFB) backend failed to validate the format of messages serving to update the contents of the framebuffer. This could allow a malicious user to cause a denial of service, or compromise the privileged domain (Dom0).

CPENameOperatorVersion
xeneq3.0.3__25.0.3.el5
xeneq3.0.3__25.el5
xeneq3.0.3__25.0.4.el5
xeneq3.0.3__25.0.3.el5
xeneq3.0.3__25.el5
xeneq3.0.3__25.0.4.el5

References

secunia.com/advisories/29963

www.redhat.com/security/updates/classification/#important

www.redhat.com/support/errata/RHSA-2008-0194.html

www.securityfocus.com/bid/29186

www.securitytracker.com/id?1020009

access.redhat.com/errata/RHSA-2008:0194

bugzilla.redhat.com/show_bug.cgi?id=443390

exchange.xforce.ibmcloud.com/vulnerabilities/42388

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10868

0.0004 Low

EPSS

Percentile

5.1%

Related for VERACODE:23427

cve1 prion1 nvd1 ubuntucve1 cvelist1 debian2 redhat1 nessus4 centos1 openvas3 oraclelinux1