Lucene search

[email protected]NVD:CVE-2013-2007

HistoryMay 21, 2013 - 6:55 p.m.

CVE-2013-2007

2013-05-2118:55:02

CWE-264

[email protected]

web.nvd.nist.gov

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.

Affected configurations

NVD

Node

qemuqemuMatch1.4.1

References

git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c689b4f1bac352dcfd6ecb9a1d45337de0f1de67

lists.opensuse.org/opensuse-updates/2013-07/msg00057.html

osvdb.org/93032

rhn.redhat.com/errata/RHSA-2013-0791.html

rhn.redhat.com/errata/RHSA-2013-0896.html

secunia.com/advisories/53325

www.openwall.com/lists/oss-security/2013/05/06/5

www.securityfocus.com/bid/59675

www.securitytracker.com/id/1028521

bugzilla.redhat.com/show_bug.cgi?id=956082

exchange.xforce.ibmcloud.com/vulnerabilities/84047

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2013-2007

openvas10 cve1 mageia1 nessus10 veracode1 cvelist1 centos1 debiancve1 prion1 redhat2 ubuntucve1 xen1 oraclelinux1 fedora1