PT-2013-1377 · Qemu+1 · Libspice+1

Izik Eidus

Published

2010-03-29

Updated

2013-12-27

CVE-2010-0430

CVSS v2.0

7.4

High

Vector

AV:A/AC:M/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions libspice versions prior to 5.5-2.2

Description The issue allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings. This can potentially lead to unauthorized access or modification of sensitive data.

Recommendations For versions prior to 5.5-2.2, update to version 5.5-2.2 or later to resolve the issue.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2010-0430

RHSA-2010:0271

RHSA-2010:0476

RHSA-2010_0271

Affected Products

Red Hat

Libspice

PT-2013-1377 · Qemu+1 · Libspice+1

CVE-2010-0430

Weakness Enumeration

Related Identifiers

Affected Products

References · 7