CVE-2007-6416

Exploit

EPSS 0.11%
Published 17.12.2007 23:46:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The copy_to_user function in the PAL emulation functionality for Xen 3.1.2 and earlier, when running on ia64 systems, allows HVM guest users to access arbitrary physical memory by triggering certain mapping operations.

Affected products Warnungen 0 Metrics 2 CWE 0 References 10

Data is provided by the National Vulnerability Database (NVD)

Xen ≫ Xen Version3.1.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.307

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/28643

http://www.redhat.com/support/errata/RHSA-2008-0089.html

http://osvdb.org/41344

http://secunia.com/advisories/28146

http://www.securityfocus.com/bid/26954

http://xenbits.xensource.com/ext/ia64/xen-unstable.hg?rev/e6069a715fd7

Exploit

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9840

https://nvd.nist.gov/vuln/detail/CVE-2007-6416

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-6416

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-6416

EUVD