CVE-2017-2633.json

2025-06-10 02:04:31 +00:00 · 2018-07-27 12:23:30 +02:00 · 2018-07-27 12:23:30 +02:00 · 7199429de0
commit 7199429de0
parent bd36f6bae5
1 changed files with 75 additions and 16 deletions
--- a/2017/2xxx/CVE-2017-2633.json
+++ b/2017/2xxx/CVE-2017-2633.json
@ -1,18 +1,77 @@
 {
-   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
-      "ID" : "CVE-2017-2633",
-      "STATE" : "RESERVED"
-   },
-   "data_format" : "MITRE",
-   "data_type" : "CVE",
-   "data_version" : "4.0",
-   "description" : {
-      "description_data" : [
-         {
-            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
-         }
-      ]
-   }
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2017-2633",
+        "ASSIGNER": "anemec@redhat.com"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "QEMU",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Qemu:",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "1.7.2"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-120"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2633",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2633",
+                "refsource": "CONFIRM"
+            }
+        ]
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user inside a guest could use this flaw to crash the QEMU process."
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            [
+                {
+                    "vectorString": "5.4/CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
+                    "version": "3.0"
+                }
+            ],
+            [
+                {
+                    "vectorString": "3.8/AV:A/AC:M/Au:S/C:N/I:P/A:P",
+                    "version": "2.0"
+                }
+            ]
+        ]
+    }
 }