admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-30 02:00:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2013/CVE-2013-19xx/CVE-2013-1920.json

334 lines
12 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2013-1920",
"sourceIdentifier": "secalert@redhat.com",
"published": "2013-04-12T22:55:01.210",
Auto-Update: 2024-11-22T19:12:10.918177+00:00
2024-11-22 19:15:24 +00:00
"lastModified": "2024-11-21T01:50:40.710",
bootstrap
2023-04-24 12:24:31 +02:00
"vulnStatus": "Modified",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"cveTags": [],
bootstrap
2023-04-24 12:24:31 +02:00
"descriptions": [
{
"lang": "en",
"value": "Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running \"under memory pressure\" and the Xen Security Module (XSM) is enabled, uses the wrong ordering of operations when extending the per-domain event channel tracking table, which causes a use-after-free and allows local guest kernels to inject arbitrary events and gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "Xen v4.2.x, v4.1.x, y anteriores, cuando el hypervisor se est\u00e1 ejecutando \"bajo presi\u00f3n de memoria\" y el M\u00f3dulo de Seguridad Xen (XSM) est\u00e1 activado, usa un orden de operaciones incorrecto cuando se extiende la tabla de seguimiento del canal de eventos por dominio, lo que ocasiona una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n y permite inyectar eventos de su elecci\u00f3n a los n\u00facleos locales de clientes y obtener privilegios a trav\u00e9s de vectores no especificados."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
Auto-Update: 2024-11-22T19:12:10.918177+00:00
2024-11-22 19:15:24 +00:00
"baseScore": 4.4,
bootstrap
2023-04-24 12:24:31 +02:00
"accessVector": "LOCAL",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
Auto-Update: 2024-11-22T19:12:10.918177+00:00
2024-11-22 19:15:24 +00:00
"availabilityImpact": "PARTIAL"
bootstrap
2023-04-24 12:24:31 +02:00
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D62197-4FF7-4B73-8DC6-6E9344AF7CAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "44CAE6A7-9817-472C-B1C6-3FF196304D08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E96BB7DE-0A6A-4418-A879-159F5FF88615"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7568820A-ED66-47DF-A9B0-27A474D6C2C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5D8C046D-BE62-43BA-9F50-B4D383475EA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B81B6EEB-D01E-432D-AEBF-707409741C0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4B60DE-A8C0-459E-A99C-6EF0D3264B75"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A83F4F7E-53CF-4066-857B-2154D25979D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "048E790E-B0A1-4504-9299-0B6D9CB0C509"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB157D09-B91B-486A-A9F7-C9BA75AE8823"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA95119D-EAF1-48D4-AE7C-0C4927D06CDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D40E4E4-3FCB-4980-8DD2-49DDABCB398E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7D1B7E-C30F-430F-832D-2A405DA1F2D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7C1D0AD-B804-474C-96A3-988BADA0DAD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCD1F05-9F96-40DD-B506-750E87306325"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "25B6AE42-E1EB-47A8-8FAF-7A93A67EC67F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "60BADA43-94D5-4E80-B5C8-D01A0249F13E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "550223A9-B9F1-440A-8C25-9F0F76AF7301"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC734D58-96E5-4DD2-8781-F8E0ADB96462"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62CEC1BF-1922-410D-BCBA-C58199F574C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "923F2C2B-4A65-4823-B511-D0FEB7C7FAB2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D83CA8B-8E49-45FA-8FAB-C15052474542"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27537DF5-7E0F-463F-BA87-46E329EE07AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA4F978-9145-4FE6-B4F9-15207E52C40A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "22A995FD-9B7F-4DF0-BECF-4B086E470F1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47640819-FC43-49ED-8A77-728C3D7255B3"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00049.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.xen.org/archives/html/xen-announce/2013-04/msg00000.html",
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
Auto-Update: 2024-04-04T08:42:25.815847+00:00
2024-04-04 08:46:00 +00:00
{
"url": "http://osvdb.org/92050",
"source": "secalert@redhat.com"
},
{
"url": "http://secunia.com/advisories/52857",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/55082",
"source": "secalert@redhat.com"
},
bootstrap
2023-04-24 12:24:31 +02:00
{
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"source": "secalert@redhat.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/04/7",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/bid/58880",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securitytracker.com/id/1028388",
"source": "secalert@redhat.com"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83226",
"source": "secalert@redhat.com"
Auto-Update: 2024-11-22T19:12:10.918177+00:00
2024-11-22 19:15:24 +00:00
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00049.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://lists.xen.org/archives/html/xen-announce/2013-04/msg00000.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://osvdb.org/92050",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/52857",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/55082",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/04/7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/58880",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securitytracker.com/id/1028388",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83226",
"source": "af854a3a-2127-422b-91ae-364da2661108"
bootstrap
2023-04-24 12:24:31 +02:00
}
]
}
Reference in New Issue Copy Permalink