5

CVE-2014-7815

The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QemuQemu Version <= 2.1.3
DebianDebian Linux Version7.0
RedhatEnterprise Linux Eus Version7.3
RedhatEnterprise Linux Eus Version7.4
RedhatEnterprise Linux Eus Version7.5
RedhatEnterprise Linux Eus Version7.6
RedhatEnterprise Linux Eus Version7.7
RedhatVirtualization Version3.0
   RedhatEnterprise Linux Version7.0
CanonicalUbuntu Linux Version10.04 SwEdition-
CanonicalUbuntu Linux Version12.04 SwEditionesm
CanonicalUbuntu Linux Version14.04 SwEditionesm
CanonicalUbuntu Linux Version14.10
SuseLinux Enterprise Desktop Version12 Update-
SuseLinux Enterprise Server Version12 Update-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.74% 0.884
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.ubuntu.com/usn/USN-2409-1
Third Party Advisory
http://support.citrix.com/article/CTX200892
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0349.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0624.html
Third Party Advisory
http://secunia.com/advisories/62143
Third Party Advisory
http://secunia.com/advisories/62144
Third Party Advisory
http://www.debian.org/security/2014/dsa-3066
Third Party Advisory
http://www.debian.org/security/2014/dsa-3067
Third Party Advisory
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e6908bfe8e07f2b452e78e677da1b45b1c0f6829
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/61484
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1157641
Third Party Advisory
Issue Tracking