Описание
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 0.9.1 (включая)
Одно из
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.3:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.4:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.5:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.6:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.4.3:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.5.3:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.5.4:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.5.5:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.9.0:*:*:*:*:*:*:*
Конфигурация 2Версия до 79 (включая)
Одно из
cpe:2.3:a:kvm_qumranet:kvm:*:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:1:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:2:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:3:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:4:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:5:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:6:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:7:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:8:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:9:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:10:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:11:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:12:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:13:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:14:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:15:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:16:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:17:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:18:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:19:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:20:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:21:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:22:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:23:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:24:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:25:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:26:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:27:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:28:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:29:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:30:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:31:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:32:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:33:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:34:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:35:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:36:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:37:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:38:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:39:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:40:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:41:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:42:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:43:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:44:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:45:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:46:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:47:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:48:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:49:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:50:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:51:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:52:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:53:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:54:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:55:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:56:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:57:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:58:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:59:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:60:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:61:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:62:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:63:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:64:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:65:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:66:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:67:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:68:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:69:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:70:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:71:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:72:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:73:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:74:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:75:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:76:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:77:*:*:*:*:*:*:*
cpe:2.3:a:kvm_qumranet:kvm:78:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.2088
Средний
5 Medium
CVSS2
Дефекты
CWE-399
Связанные уязвимости
ubuntu
больше 16 лет назад
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
redhat
больше 16 лет назад
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
debian
больше 16 лет назад
The protocol_client_msg function in vnc.c in the VNC server in (1) Qem ...
github
больше 3 лет назад
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
EPSS
Процентиль: 95%
0.2088
Средний
5 Medium
CVSS2
Дефекты
CWE-399