aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authornox <nox@FreeBSD.org>2007-12-13 08:36:54 +0800
committernox <nox@FreeBSD.org>2007-12-13 08:36:54 +0800
commit04f1a1f8662bb0b5dd20fcfa241a7068a37418c2 (patch)
tree2c6ed50d27b3a573a8ffd205a2aee5145e018ade
parent2a6cab731c210ab7cf080eb95605173c8914c368 (diff)
downloadfreebsd-ports-gnome-04f1a1f8662bb0b5dd20fcfa241a7068a37418c2.tar.gz
freebsd-ports-gnome-04f1a1f8662bb0b5dd20fcfa241a7068a37418c2.tar.zst
freebsd-ports-gnome-04f1a1f8662bb0b5dd20fcfa241a7068a37418c2.zip
Document qemu -- Translation Block Local Denial of Service Vulnerability
-rw-r--r--security/vuxml/vuln.xml34
1 files changed, 34 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 5f0ecc8c03ee..319c88a59c63 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,40 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="30f5ca1d-a90b-11dc-bf13-0211060005df">
+ <topic>qemu -- Translation Block Local Denial of Service Vulnerability</topic>
+ <affects>
+ <package>
+ <name>qemu</name>
+ <name>qemu-devel</name>
+ <range><lt>0.9.0_4</lt></range>
+ <range><ge>0.9.0s.20070101*</ge><lt>0.9.0s.20070802_1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>SecurityFocus reports:</p>
+ <blockquote cite="http://www.securityfocus.com/bid/26666/discuss">
+ <p>QEMU is prone to a local denial-of-service vulnerability
+ because it fails to perform adequate boundary checks when
+ handling user-supplied input.</p>
+ <p>Attackers can exploit this issue to cause denial-of-service
+ conditions. Given the nature of the issue, attackers may also be
+ able to execute arbitrary code, but this has not been confirmed.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>http://www.securityfocus.com/archive/1/484429</url>
+ <bid>26666</bid>
+ <cvename>CVE-2007-6227</cvename>
+ </references>
+ <dates>
+ <discovery>2007-11-30</discovery>
+ <entry>2007-12-12</entry>
+ </dates>
+ </vuln>
+
<vuln vid="fa708908-a8c7-11dc-b41d-000fb5066b20">
<topic>drupal -- SQL injection vulnerability</topic>
<affects>