diff options
author | nox <nox@FreeBSD.org> | 2007-12-13 08:36:54 +0800 |
---|---|---|
committer | nox <nox@FreeBSD.org> | 2007-12-13 08:36:54 +0800 |
commit | 04f1a1f8662bb0b5dd20fcfa241a7068a37418c2 (patch) | |
tree | 2c6ed50d27b3a573a8ffd205a2aee5145e018ade /security/vuxml | |
parent | 2a6cab731c210ab7cf080eb95605173c8914c368 (diff) | |
download | freebsd-ports-gnome-04f1a1f8662bb0b5dd20fcfa241a7068a37418c2.tar.gz freebsd-ports-gnome-04f1a1f8662bb0b5dd20fcfa241a7068a37418c2.tar.zst freebsd-ports-gnome-04f1a1f8662bb0b5dd20fcfa241a7068a37418c2.zip |
Document qemu -- Translation Block Local Denial of Service Vulnerability
Diffstat (limited to 'security/vuxml')
-rw-r--r-- | security/vuxml/vuln.xml | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 5f0ecc8c03ee..319c88a59c63 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,40 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="30f5ca1d-a90b-11dc-bf13-0211060005df"> + <topic>qemu -- Translation Block Local Denial of Service Vulnerability</topic> + <affects> + <package> + <name>qemu</name> + <name>qemu-devel</name> + <range><lt>0.9.0_4</lt></range> + <range><ge>0.9.0s.20070101*</ge><lt>0.9.0s.20070802_1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>SecurityFocus reports:</p> + <blockquote cite="http://www.securityfocus.com/bid/26666/discuss"> + <p>QEMU is prone to a local denial-of-service vulnerability + because it fails to perform adequate boundary checks when + handling user-supplied input.</p> + <p>Attackers can exploit this issue to cause denial-of-service + conditions. Given the nature of the issue, attackers may also be + able to execute arbitrary code, but this has not been confirmed.</p> + </blockquote> + </body> + </description> + <references> + <url>http://www.securityfocus.com/archive/1/484429</url> + <bid>26666</bid> + <cvename>CVE-2007-6227</cvename> + </references> + <dates> + <discovery>2007-11-30</discovery> + <entry>2007-12-12</entry> + </dates> + </vuln> + <vuln vid="fa708908-a8c7-11dc-b41d-000fb5066b20"> <topic>drupal -- SQL injection vulnerability</topic> <affects> |