CVE-2015-4106
https://notcve.org/view.php?id=CVE-2015-4106
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors. QEMU no restringe correctamente el acceso a escritura al espacio PCI config para ciertos dispositivos PCI pass-through, lo que podría permitir a invitados x86 HVM locales obtener privilegios, causar una denegación de servicio (caída de host), obtener información sensible o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160154.html http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160171.html http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html http://lists.opensuse.org/opensuse-security-announce • CWE-863: Incorrect Authorization •
CVE-2014-4947
https://notcve.org/view.php?id=CVE-2014-4947
Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors. Desbordamiento de buffer en el soporte de la consola de gráficos HVM en Citrix XenServer 6.2 Service Pack 1 y anteriores tiene impacto y vectores de ataque no especificados. • http://secunia.com/advisories/60027 http://support.citrix.com/article/CTX140984 http://www.securityfocus.com/bid/68659 http://www.securitytracker.com/id/1030604 https://exchange.xforce.ibmcloud.com/vulnerabilities/94631 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-4948
https://notcve.org/view.php?id=CVE-2014-4948
Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (VHD). Vulnerabilidad no especificada en Citrix XenServer 6.2 Service Pack 1 y anteriores permite a atacantes causar una denegación de servicio y obtener información sensible mediante la modificación del disco duro virtual invitado (VHD). • http://secunia.com/advisories/60027 http://support.citrix.com/article/CTX140984 http://www.securityfocus.com/bid/68660 http://www.securitytracker.com/id/1030604 https://exchange.xforce.ibmcloud.com/vulnerabilities/94632 •