CVE-2013-4527

Loading...

General

Score:7.5/10.0
Severity:High
Category:Buffer Error

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4526, CVE-2013-4529, CVE-2013-4530, CVE-2013-4531, CVE-2013-4532, CVE-2013-4533, CVE-2013-4534, CVE-2013-4535, CVE-2013-4536, CVE-2013-4537, CVE-2013-4538, CVE-2013-4539, CVE-2013-4540, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0142, CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0146, CVE-2014-0147, CVE-2014-0150, CVE-2014-0182, CVE-2014-0222, CVE-2014-0223, CVE-2014-2894, CVE-2014-3461, CVE-2014-3471, CVE-2014-3615, CVE-2014-3640, CVE-2014-3689, CVE-2014-5263, CVE-2014-7815, CVE-2014-7840, CVE-2014-8106, CVE-2014-9718, CVE-2015-1779, CVE-2015-5278, CVE-2015-6855, CVE-2015-7512, CVE-2015-7549, CVE-2015-8345, CVE-2015-8504, CVE-2015-8550, CVE-2015-8554, CVE-2015-8555, CVE-2015-8558, CVE-2015-8567, CVE-2015-8568, CVE-2015-8613, CVE-2015-8619, CVE-2015-8743, CVE-2015-8744, CVE-2015-8745, CVE-2015-8817, CVE-2015-8818, CVE-2016-1568, CVE-2016-1570, CVE-2016-1571, CVE-2016-1714, CVE-2016-1922, CVE-2016-1981, CVE-2016-2198, CVE-2016-2270, CVE-2016-2271, CVE-2016-2391, CVE-2016-2392, CVE-2016-2538, CVE-2016-2841

Published on 04/11/14 - Updated on 05/11/14

Description

Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers.

Category: Buffer Error

CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Security Notices

US National Vulnerability DatabaseCVE-2013-4527
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2014-AVI-452
CentOS CESA-2014:0927
Oracle Linux ELSA-2014-0927, ELSA-2015-0349
Redhat RHSA-2014:0927, RHSA-2014:1268
SUSE SUSE-SU-2014:0816, SUSE-SU-2016:0955, SUSE-SU-2016:1318, SUSE-SU-2016:1745
Ubuntu USN-2342-1

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
qemuqemu

Share this vulnerability with:

Twitter Facebook LinkedIn Mail