Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:11085
HistoryJan 15, 2019 - 8:56 a.m.

Privilege Escalation

2019-01-1508:56:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

xen is vulnerable to privilege escalation attacks. The vulnerability exists as Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a “device model’s address space.”

References

Related

openvas 89
nessus 41
centos 3
suse 15
oraclelinux 3
f5 2
securityvulns 2
prion 1
redhat 6
debiancve 1
cve 1
ubuntucve 1
ubuntu 1
osv 3
debian 3
fedora 25
gentoo 2
openvas
openvas
CentOS Update for kmod-kvm CESA-2012:1235 centos5
2012-09-07 00:00:00
RedHat Update for xen RHSA-2012:1236-01
2012-09-07 00:00:00
CentOS Update for qemu-guest-agent CESA-2012:1234 centos6
2012-09-07 00:00:00
nessus
nessus
Fedora 16 : qemu-0.15.1-8.fc16 (2012-15606)
2012-10-17 00:00:00
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : qemu-kvm vulnerability (USN-1590-1)
2012-10-03 00:00:00
Oracle Linux 5 : kvm (ELSA-2012-1235)
2013-07-12 00:00:00
centos
centos
xen security update
2012-09-05 17:58:14
kmod, kvm security update
2012-09-05 18:11:48
qemu security update
2012-09-05 18:27:02
suse
suse
Security update for qemu (important)
2012-10-25 00:09:21
Security update for kvm (important)
2012-09-18 15:08:40
qemu: Fix buffer overflow in console VT100 emulation (important)
2012-09-14 14:08:59
oraclelinux
oraclelinux
qemu-kvm security update
2012-09-05 00:00:00
xen security update
2012-09-05 00:00:00
kvm security update
2012-09-05 00:00:00
f5
f5
SOL13405416 - QEMU vulnerability CVE-2012-3515
2016-01-05 00:00:00
K13405416 : QEMU vulnerability CVE-2012-3515
2016-01-06 00:00:00
securityvulns
securityvulns
[USN-1590-1] QEMU vulnerability
2012-10-04 00:00:00
QEMU memory corruption
2012-10-04 00:00:00
prion
prion
Design/Logic Flaw
2012-11-23 20:55:00
redhat
redhat
(RHSA-2012:1235) Important: kvm security update
2012-09-05 00:00:00
(RHSA-2012:1234) Important: qemu-kvm security update
2012-09-05 00:00:00
(RHSA-2012:1233) Important: qemu-kvm-rhev security and bug fix update
2012-09-05 00:00:00
debiancve
debiancve
CVE-2012-3515
2012-11-23 20:55:00
cve
cve
CVE-2012-3515
2012-11-23 20:55:00
ubuntucve
ubuntucve
CVE-2012-3515
2012-09-06 00:00:00
ubuntu
ubuntu
QEMU vulnerability
2012-10-02 00:00:00
osv
osv
qemu-kvm - multiple
2012-09-08 00:00:00
qemu - multiple
2012-09-08 00:00:00
xen-qemu-dm-4.0 - multiple
2012-09-08 00:00:00
debian
debian
[SECURITY] [DSA 2545-1] qemu security update
2012-09-08 21:54:27
[SECURITY] [DSA 2543-1] xen-qemu-dm-4.0 security update
2012-09-08 21:32:19
[SECURITY] [DSA 2542-1] qemu-kvm security update
2012-09-08 21:12:37
fedora
fedora
[SECURITY] Fedora 17 Update: qemu-1.0.1-2.fc17
2012-10-13 00:23:29
[SECURITY] Fedora 17 Update: qemu-1.0.1-3.fc17
2013-01-26 15:56:23
[SECURITY] Fedora 16 Update: qemu-0.15.1-8.fc16
2012-10-17 00:22:05
gentoo
gentoo
Xen: Multiple vulnerabilities
2016-04-05 00:00:00
Xen: Multiple vulnerabilities
2013-09-27 00:00:00

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for VERACODE:11085
openvas89nessus41centos3suse15oraclelinux3f52securityvulns2prion1redhat6debiancve1cve1ubuntucve1ubuntu1osv3debian3fedora25gentoo2