PT-2013-1377 · Qemu+1 · Libspice+1

Izik Eidus

+1

·

Publicado

2010-03-29

·

Atualizado

2013-12-27

·

CVE-2010-0430

CVSS v2.0

7.4

Alta

VetorAV:A/AC:M/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions libspice versions prior to 5.5-2.2
Description The issue allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings. This can potentially lead to unauthorized access or modification of sensitive data.
Recommendations For versions prior to 5.5-2.2, update to version 5.5-2.2 or later to resolve the issue.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2010-0430
RHSA-2010:0271
RHSA-2010:0476
RHSA-2010_0271

Produtos afetados

Red Hat
Libspice