NVD

Id
39974  
Name
CVE-2013-4355  
Description
Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory.  
Reject
 
CVSS Version
2  
CVSS Score
1.5  
Severity
Low  
CVSS Base Score
1.5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
2.7  
CVSS Vector
(AV:L/AC:M/Au:S/C:P/I:N/A:N)  
Pub Date
2017-01-18  
Published
2013-10-01  
Modified Date
2017-01-06  
Seq
2013-4355  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
203405 39974 CVE-2013-4355 SUSE-SU-2014:0411  View
203406 39974 CVE-2013-4355 SUSE-SU-2014:0446  View
203407 39974 CVE-2013-4355 SUSE-SU-2014:0470  View
203408 39974 CVE-2013-4355 openSUSE-SU-2013:1636  View
203409 39974 CVE-2013-4355 RHSA-2013:1790  View
203410 39974 CVE-2013-4355 GLSA-201407-03  View
203411 39974 CVE-2013-4355 DSA-3006  View
203412 39974 CVE-2013-4355 [oss-security] 20130930 Xen Security Advisory 63 (CVE-2013-4355) - Information leaks through I/O instruction emulation  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
22876 JVNDB-2013-004451 Xen におけるハイパーバイザのスタックメモリを取得される脆弱性 Xen は、特定のエラーを適切に処理しないため、ハイパーバイザのスタックメモリを取得される脆弱性が存在します。 CVE-2013-4355 64297 CVE-2013-4355 39974 1.5 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004451.html 2013-09-30 2014-02-18 View