QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
qemu qemu 0.9.0 |
||
opensuse opensuse 10.3 |
||
opensuse opensuse 11.0 |
||
opensuse opensuse 11.1 |
||
suse linux enterprise server 10 |
||
suse linux enterprise server 11 |
||
debian debian linux 4.0 |
||
debian debian linux 5.0 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 8.10 |
||
redhat enterprise linux desktop 5.0 |
||
redhat enterprise linux eus 5.2 |
||
redhat enterprise linux server 5.0 |
||
redhat enterprise linux workstation 5.0 |