
CVE-2016-4962

Published: 07/06/2016 Updated: 28/11/2016
CVSS v2 Base Score: 6.8 | Impact Score: 10 | Exploitability Score: 3.1
CVSS v3 Base Score: 6.7 | Impact Score: 5.9 | Exploitability Score: 0.8
VMScore: 605
Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

The libxl device-handling in Xen 4.6.x and previous versions allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest-controlled areas of xenstore.

Vulnerable Product

oracle vm server 3.4

oracle vm server 3.3

xen xen 4.4.4

xen xen 4.5.3

xen xen 4.5.2

xen xen 4.4.0

xen xen 4.4.3

xen xen 4.3.2

xen xen 4.3.1

xen xen 4.6.1

xen xen 4.6.0

xen xen 4.4.2

xen xen 4.4.1

xen xen 4.3.0

xen xen 4.5.1

xen xen 4.5.0

xen xen 4.3.4

xen xen 4.3.3

Vendor Advisories

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-8338: Julien Grall discovered that Xen on ARM was susceptible to denial of service via long running memory operations. CVE-2016-4480: Jan Beulich discovered that incorrect page ...
The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore ...