NVD

Id
40130  
Name
CVE-2013-4538  
Description
Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2014-11-04  
Modified Date
2014-11-05  
Seq
2013-4538  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
204216 40130 CVE-2013-4538 http://git.qemu.org/?p=qemu.git;a=commit;h=ead7a57df37d2187813a121308213f41591bd811  View
204217 40130 CVE-2013-4538 FEDORA-2014-6288  View
204218 40130 CVE-2013-4538 [Qemu-devel] 20131213 [PATCH 00/23] qemu state loading issues  View
204219 40130 CVE-2013-4538 [Qemu-stable] 20140723 [ANNOUNCE] QEMU 1.7.2 Stable released  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
25110 JVNDB-2013-006687 QEMU の hw/display/ssd0323.c の ssd0323_load 関数におけるバッファオーバーフローの脆弱性 QEMU の hw/display/ssd0323.c の ssd0323_load 関数には、バッファオーバーフローの脆弱性が存在します。 CVE-2013-4538 64480 CVE-2013-4538 40130 7.5 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-006687.html 2013-12-03 2014-11-06 View