Lucene search

[email protected]CVE-2013-4540

HistoryNov 04, 2014 - 9:55 p.m.

CVE-2013-4540

2014-11-0421:55:24

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-4540

buffer overflow

qemu

remote attackers

arbitrary code

savevm image

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

High

0.055 Low

EPSS

Percentile

93.3%

JSON

Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image.

Affected configurations

NVD

Node

qemuqemuRange≤1.7.1

qemuqemuMatch0.1.0

qemuqemuMatch0.1.1

qemuqemuMatch0.1.2

qemuqemuMatch0.1.3

qemuqemuMatch0.1.4

qemuqemuMatch0.1.5

qemuqemuMatch0.1.6

qemuqemuMatch0.2.0

qemuqemuMatch0.3.0

qemuqemuMatch0.4.0

qemuqemuMatch0.4.1

qemuqemuMatch0.4.2

qemuqemuMatch0.4.3

qemuqemuMatch0.5.0

qemuqemuMatch0.5.1

qemuqemuMatch0.5.2

qemuqemuMatch0.5.3

qemuqemuMatch0.5.4

qemuqemuMatch0.5.5

qemuqemuMatch0.6.0

qemuqemuMatch0.6.1

qemuqemuMatch0.7.0

qemuqemuMatch0.7.1

qemuqemuMatch0.7.2

qemuqemuMatch0.8.0

qemuqemuMatch0.8.1

qemuqemuMatch0.8.2

qemuqemuMatch0.9.0

qemuqemuMatch0.9.1

qemuqemuMatch0.9.1-5

qemuqemuMatch0.10.0

qemuqemuMatch0.10.1

qemuqemuMatch0.10.2

qemuqemuMatch0.10.3

qemuqemuMatch0.10.4

qemuqemuMatch0.10.5

qemuqemuMatch0.10.6

qemuqemuMatch0.11.0

qemuqemuMatch0.11.0rc0

qemuqemuMatch0.11.0rc1

qemuqemuMatch0.11.0rc2

qemuqemuMatch0.11.0-rc0

qemuqemuMatch0.11.0-rc1

qemuqemuMatch0.11.0-rc2

qemuqemuMatch0.11.1

qemuqemuMatch0.12.0

qemuqemuMatch0.12.0rc1

qemuqemuMatch0.12.0rc2

qemuqemuMatch0.12.1

qemuqemuMatch0.12.2

qemuqemuMatch0.12.3

qemuqemuMatch0.12.4

qemuqemuMatch0.12.5

qemuqemuMatch0.13.0

qemuqemuMatch0.13.0rc0

qemuqemuMatch0.13.0rc1

qemuqemuMatch0.14.0

qemuqemuMatch0.14.0rc0

qemuqemuMatch0.14.0rc1

qemuqemuMatch0.14.0rc2

qemuqemuMatch0.14.1

qemuqemuMatch0.15.0rc1

qemuqemuMatch0.15.0rc2

qemuqemuMatch0.15.1

qemuqemuMatch0.15.2

qemuqemuMatch1.0

qemuqemuMatch1.0rc1

qemuqemuMatch1.0rc2

qemuqemuMatch1.0rc3

qemuqemuMatch1.0rc4

qemuqemuMatch1.0.1

qemuqemuMatch1.1

qemuqemuMatch1.1rc1

qemuqemuMatch1.1rc2

qemuqemuMatch1.1rc3

qemuqemuMatch1.1rc4

qemuqemuMatch1.4.1

qemuqemuMatch1.4.2

qemuqemuMatch1.5.0

qemuqemuMatch1.5.0rc1

qemuqemuMatch1.5.0rc2

qemuqemuMatch1.5.0rc3

qemuqemuMatch1.5.1

qemuqemuMatch1.5.2

qemuqemuMatch1.5.3

qemuqemuMatch1.6.0

qemuqemuMatch1.6.0rc1

qemuqemuMatch1.6.0rc2

qemuqemuMatch1.6.0rc3

qemuqemuMatch1.6.1

qemuqemuMatch1.6.2

Node

opensuseopensuseMatch12.3

opensuseopensuseMatch13.1

CPENameOperatorVersion
qemu:qemuqemule1.7.1
qemu:qemuqemueq0.1.0
qemu:qemuqemueq0.1.1
qemu:qemuqemueq0.1.2
qemu:qemuqemueq0.1.3
qemu:qemuqemueq0.1.4
qemu:qemuqemueq0.1.5
qemu:qemuqemueq0.1.6
qemu:qemuqemueq0.2.0
qemu:qemuqemueq0.3.0

CPE	Name	Operator	Version
qemu:qemu	qemu	le	1.7.1
qemu:qemu	qemu	eq	0.1.0
qemu:qemu	qemu	eq	0.1.1
qemu:qemu	qemu	eq	0.1.2
qemu:qemu	qemu	eq	0.1.3
qemu:qemu	qemu	eq	0.1.4
qemu:qemu	qemu	eq	0.1.5
qemu:qemu	qemu	eq	0.1.6
qemu:qemu	qemu	eq	0.2.0
qemu:qemu	qemu	eq	0.3.0