Vulnerability Details CVE-2013-2007
The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.0%
CVSS Severity
CVSS v2 Score 6.9
References
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c689b4f1bac352dcfd6ecb9a1d45337de0f1de67
- http://lists.opensuse.org/opensuse-updates/2013-07/msg00057.html
- http://osvdb.org/93032
- http://rhn.redhat.com/errata/RHSA-2013-0791.html
- http://rhn.redhat.com/errata/RHSA-2013-0896.html
- http://secunia.com/advisories/53325
- http://www.openwall.com/lists/oss-security/2013/05/06/5
- http://www.securityfocus.com/bid/59675
- http://www.securitytracker.com/id/1028521
- https://bugzilla.redhat.com/show_bug.cgi?id=956082
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84047
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c689b4f1bac352dcfd6ecb9a1d45337de0f1de67
- http://lists.opensuse.org/opensuse-updates/2013-07/msg00057.html
- http://osvdb.org/93032
- http://rhn.redhat.com/errata/RHSA-2013-0791.html
- http://rhn.redhat.com/errata/RHSA-2013-0896.html
- http://secunia.com/advisories/53325
- http://www.openwall.com/lists/oss-security/2013/05/06/5
- http://www.securityfocus.com/bid/59675
- http://www.securitytracker.com/id/1028521
- https://bugzilla.redhat.com/show_bug.cgi?id=956082
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84047