7.5

CVE-2013-4149

Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table.

Data is provided by the National Vulnerability Database (NVD)
QemuQemu Version1.3.0
QemuQemu Version1.3.0 Updaterc0
QemuQemu Version1.3.0 Updaterc1
QemuQemu Version1.3.0 Updaterc2
QemuQemu Version1.3.1
QemuQemu Version1.4.1
QemuQemu Version1.4.2
QemuQemu Version1.5.0
QemuQemu Version1.5.0 Updaterc1
QemuQemu Version1.5.0 Updaterc2
QemuQemu Version1.5.0 Updaterc3
QemuQemu Version1.5.1
QemuQemu Version1.5.2
QemuQemu Version1.5.3
QemuQemu Version1.6.0
QemuQemu Version1.6.0 Updaterc1
QemuQemu Version1.6.0 Updaterc2
QemuQemu Version1.6.0 Updaterc3
QemuQemu Version1.6.1
QemuQemu Version1.6.2
QemuQemu Version1.7.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 4.08% 0.874
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.