2 matches found
OracleVM 2.2 : ovs-agent (OVMSA-2010-0015)
The remote OracleVM system is missing necessary patches to address critical security updates : - Update changelog, fill CVE number. - Fix config-file access mode issue. - Fix file access vulnerability orabug 10142417 CVE-2010-3582 - Fix local privilege escalation orabug 10142476 CVE-2010-3584 - F...
CVE-2010-3583
CVE-2010-3583 is tied to Oracle VM 2.2.1, where the Oracle VM Agent (ovs-agent) exposes functions via XML-RPC. A vulnerability exists in the ovs-agent channel that can allow an authenticated, remote attacker to execute arbitrary OS commands, impacting confidentiality, integrity, and availability ...