5 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-5177
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document...
[USN-2366-1] libvirt vulnerabilities
========================================================================== Ubuntu Security Notice USN-2366-1 September 30, 2014 libvirt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...
Ubuntu 14.04 LTS : libvirt vulnerabilities (USN-2366-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2366-1 advisory. Daniel P. Berrange and Richard Jones discovered that libvirt incorrectly handled XML documents containing XML external entity declarations. An attacker...
CVE-2014-5177
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the 1 virDomainDefineXML, 2 virNetworkCreateXML, 3...
Xxe
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service read block and hang via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the 1 virConnectCompareCPU or 2 virConnectBaselineCPU API method, relate...