Novell Home

CVE-2007-0998

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2007-0998 at MITRE

Description

The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information.

NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)

Novell/SUSE information

Novell Bugzilla entry: 254475, 779212

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE 11 SP1 DEBUGINFO
  • xen-debuginfo >= 4.0.3_21548_16-0.5.1
  • xen-debugsource >= 4.0.3_21548_16-0.5.1
Builds
SAT Patch Nr: 8963
SUSE Linux Enterprise Server 11 SP1 LTSS
  • xen >= 4.0.3_21548_16-0.5.1
  • xen-doc-html >= 4.0.3_21548_16-0.5.1
  • xen-doc-pdf >= 4.0.3_21548_16-0.5.1
  • xen-kmp-default >= 4.0.3_21548_16_2.6.32.59_0.9-0.5.1
  • xen-kmp-pae >= 4.0.3_21548_16_2.6.32.59_0.9-0.5.1
  • xen-kmp-trace >= 4.0.3_21548_16_2.6.32.59_0.9-0.5.1
  • xen-libs >= 4.0.3_21548_16-0.5.1
  • xen-tools >= 4.0.3_21548_16-0.5.1
  • xen-tools-domU >= 4.0.3_21548_16-0.5.1
Builds
SAT Patch Nr: 8963
SUSE Linux Enterprise Server 11 SP1 LTSS
  • xen >= 4.0.3_21548_16-0.5.1
  • xen-doc-html >= 4.0.3_21548_16-0.5.1
  • xen-doc-pdf >= 4.0.3_21548_16-0.5.1
  • xen-kmp-default >= 4.0.3_21548_16_2.6.32.59_0.9-0.5.1
  • xen-kmp-trace >= 4.0.3_21548_16_2.6.32.59_0.9-0.5.1
  • xen-libs >= 4.0.3_21548_16-0.5.1
  • xen-tools >= 4.0.3_21548_16-0.5.1
  • xen-tools-domU >= 4.0.3_21548_16-0.5.1
Builds
SAT Patch Nr: 8963

© 2014 Novell