- Home
- CVEs with nessus.description==The version of Citrix XenServer running on the remote host is missing a security hotfix. It is, therefore, affected by a guest-to-host arbitrary code execution vulnerability in the QEMU component due to a failure to immediately complete resize operations when a blank mode is synchronously selected for the next update interval. Since other console components will already be operating with the new size values before the operation is completed, an attacker within a guest can exploit this issue to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code on the host.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top