Lucene search

K
cveRedhatCVE-2012-6075
HistoryFeb 13, 2013 - 1:55 a.m.

CVE-2012-6075

2013-02-1301:55:03
CWE-120
redhat
web.nvd.nist.gov
51
cve-2012-6075
buffer overflow
e1000
qemu
denial of service
remote code execution

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.02

Percentile

89.0%

Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.

Affected configurations

Nvd
Node
qemuqemuRange<1.3.0
Node
fedoraprojectfedoraMatch16
OR
fedoraprojectfedoraMatch17
OR
fedoraprojectfedoraMatch18
Node
opensuseopensuseMatch12.1
OR
opensuseopensuseMatch12.2
OR
suselinux_enterprise_serverMatch11sp1ltss
Node
redhatenterprise_linux_desktopMatch5.0
OR
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_eusMatch5.9
OR
redhatenterprise_linux_eusMatch6.4
OR
redhatenterprise_linux_serverMatch5.0
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_server_ausMatch5.9
OR
redhatenterprise_linux_server_ausMatch6.4
OR
redhatenterprise_linux_workstationMatch5.0
OR
redhatenterprise_linux_workstationMatch6.0
Node
redhatvirtualizationMatch3.0
AND
redhatenterprise_linuxMatch6.0
Node
debiandebian_linuxMatch6.0
Node
canonicalubuntu_linuxMatch10.04-
OR
canonicalubuntu_linuxMatch11.10
OR
canonicalubuntu_linuxMatch12.04esm
OR
canonicalubuntu_linuxMatch12.10
VendorProductVersionCPE
qemuqemu*cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
fedoraprojectfedora16cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
fedoraprojectfedora17cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
fedoraprojectfedora18cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
opensuseopensuse12.1cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
opensuseopensuse12.2cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*
redhatenterprise_linux_desktop5.0cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
redhatenterprise_linux_desktop6.0cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
redhatenterprise_linux_eus5.9cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
Rows per page:
1-10 of 241

References

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.02

Percentile

89.0%