CVE-2009-3616
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
Multiple use-after-free vulnerabilities in vnc.c in the VNC server in QEMU 0.10.6 and earlier might allow guest OS users to execute arbitrary code on the host OS by establishing a connection from a VNC client and then (1) disconnecting during data transfer, (2) sending a message using incorrect integer data types, or (3) using the Fuzzy Screen Mode protocol, related to double free vulnerabilities.
Múltiples vulnerabilidades de uso anterior a la liberación en vnc.c del servidor VNC en QEMU v0.10.6 y anteriores, permite a usuarios del sistema anfitrión ejecutar código de su elección en el sistema hospedado, estableciendo una conexión desde el cliente VNC y a continuación (1) desconectando durante la transferencia de datos, (2) enviando un mensaje utilizando tipos de datos enteros incorrectos, o (3) utilizando el protocolo Fuzzy Screen Mode, relativo a una doble liberación de vulnerabilidades.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2009-10-09 CVE Reserved
- 2009-10-23 CVE Published
- 2024-02-16 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-416: Use After Free
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://marc.info/?l=qemu-devel&m=124324043812915 | Mailing List | |
| http://rhn.redhat.com/errata/RHEA-2009-1272.html | Third Party Advisory | |
| http://www.securityfocus.com/bid/36716 | Broken Link | |
| https://bugzilla.redhat.com/show_bug.cgi?id=508567 | Issue Tracking |
| URL | Date | SRC |
|---|---|---|
| http://git.savannah.gnu.org/cgit/qemu.git/commit/?id=198a0039c5 | 2024-08-07 | |
| http://git.savannah.gnu.org/cgit/qemu.git/commit/?id=753b405331 | 2024-08-07 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=505641 | 2024-08-07 |
| URL | Date | SRC |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2009/10/16/5 | 2024-02-15 | |
| http://www.openwall.com/lists/oss-security/2009/10/16/8 | 2024-02-15 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=501131 | 2024-02-15 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | <= 0.10.6 Search vendor "Qemu" for product "Qemu" and version " <= 0.10.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server" | 5.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "5.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation" | 5.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "5.0" | - |
Affected
| ||||||