Vulnerability & Exploit Database

Displaying entries 1 - 10 of 12 in total

Results for: CVE-2012-2652 Back to search

DSA-2545-1 qemu -- multiple vulnerabilities Vulnerability

  • Severity: 7
  • Published: November 23, 2012

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."

DSA-2542-1 qemu-kvm -- multiple vulnerabilities Vulnerability

  • Severity: 7
  • Published: November 23, 2012

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."

USN-1522-1: QEMU vulnerability Vulnerability

  • Severity: 4
  • Published: August 07, 2012

The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file.

SUSE Linux Security Vulnerability: CVE-2012-2652 Vulnerability

  • Severity: 4
  • Published: August 07, 2012

The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file.

Gentoo Linux: CVE-2012-2652: qemu-kvm: Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: August 07, 2012

The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file.

ELSA-2013-0581 Moderate: Oracle Linux libxml2 security update Vulnerability

  • Severity: 9
  • Published: May 15, 2012

Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to hand...

Juniper Junos OS: Multiple vulnerabilities in libxml2 library (JSA10669) (multiple CVEs) Vulnerability

  • Severity: 9
  • Published: September 02, 2011

Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to hand...

Sun Patch: SunOS 5.10_x86: XML and XSLT libraries patch Vulnerability

  • Severity: 10
  • Published: September 12, 2008

Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.

Sun Patch: SunOS 5.10: XML and XSLT libraries patch Vulnerability

  • Severity: 10
  • Published: September 12, 2008

Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.