CVE-2008-1945 Information

Feb 14, 2021 cve

Description

QEMU 0.9.0 does not properly handle changes to removable media which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format a related issue to CVE-2008-2004.

Reference

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html http://secunia.com/advisories/32063 http://secunia.com/advisories/32088 http://secunia.com/advisories/34642 http://secunia.com/advisories/35031 http://secunia.com/advisories/35062 http://www.debian.org/security/2009/dsa-1799 http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 http://www.securityfocus.com/bid/30604 http://www.securitytracker.com/id?1020959 http://www.ubuntu.com/usn/usn-776-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/44269 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9905 https://rhn.redhat.com/errata/RHSA-2008-0892.html

Share on: