|Max CVSS||7.8||Min CVSS||4.9||Total Count||5|
|ID||CVSS||Summary||Last (major) update||Published|
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
|07-03-2011 - 22:09||24-12-2008 - 13:29|
The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the gue
|21-08-2010 - 01:19||12-05-2008 - 18:20|
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different for
|21-08-2010 - 01:19||08-08-2008 - 15:41|
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.
|16-05-2009 - 01:26||24-12-2008 - 13:29|
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap over
|16-05-2009 - 01:24||29-12-2008 - 10:24|