DescriptionThe VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information.
NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Novell/SUSE informationNovell Bugzilla entry: 254475, 779212 SUSE Security Advisories:
- openSUSE-SU-2012:1572-1, published Mon, 26 Nov 2012 15:08:36 +0100 (CET)
- openSUSE-SU-2012:1573-1, published Mon, 26 Nov 2012 15:13:15 +0100 (CET)
List of products where fixes are in QASLE 11 SP1 DEBUGINFO
SUSE Linux Enterprise Server 11 SP1 LTSS