Vulnerabilites related to xen - qemu
Vulnerability from fkie_nvd
Published
2007-03-20 10:19
Modified
2024-11-21 00:27
Severity ?
Summary
The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information.
References
secalert@redhat.comhttp://fedoranews.org/cms/node/2802
secalert@redhat.comhttp://fedoranews.org/cms/node/2803
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
secalert@redhat.comhttp://osvdb.org/34304
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2007-0114.htmlPatch
secalert@redhat.comhttp://secunia.com/advisories/24575Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/51413
secalert@redhat.comhttp://www.securityfocus.com/bid/22967
secalert@redhat.comhttp://www.securitytracker.com/id?1017764
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/1019Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/1020Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/1021Vendor Advisory
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/33085
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486
af854a3a-2127-422b-91ae-364da2661108http://fedoranews.org/cms/node/2802
af854a3a-2127-422b-91ae-364da2661108http://fedoranews.org/cms/node/2803
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/34304
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2007-0114.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24575Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/51413
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/22967
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017764
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1019Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1020Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1021Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/33085
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop:*:*:*:*:*",
                     matchCriteriaId: "FE524195-06F1-4504-9223-07596588CC70",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop_multiple_os:*:*:*:*:*",
                     matchCriteriaId: "AB55CA0F-06FB-4CED-BB2F-AB99C32062CF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*",
                     matchCriteriaId: "40D71CBC-D365-4710-BAB5-8A1159F35E41",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:virtualization:*:*:*:*:*",
                     matchCriteriaId: "37E17F28-76A9-4F73-8F58-35390BDCE6EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA3B94B6-A5E4-4432-802E-BFAD7F3B5B4C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:fedora_core:core6:*:*:*:*:*:*:*",
                     matchCriteriaId: "E007512B-2A01-4915-82D1-EDDEE8ED3190",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:xen:qemu:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1AC03235-6F95-414A-8C93-5215E801676E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device.  NOTE: some of these details are obtained from third party information.",
      },
      {
         lang: "es",
         value: "La implementación del servidor VNC en QEMU, como es usada por Xen y posiblemente otros entornos, permite a usuarios locales de un sistema operativo invitado leer archivos arbitrarios en el sistema operativo host por medio de vectores no especificados relacionados con el modo de monitoreo de QEMU, como es demostrado al mapear archivos hacia un dispositivo CDROM. NOTA: algunos de estos detalles son obtenidos a partir de información de terceros.",
      },
   ],
   id: "CVE-2007-0998",
   lastModified: "2024-11-21T00:27:15.167",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2007-03-20T10:19:00.000",
   references: [
      {
         source: "secalert@redhat.com",
         url: "http://fedoranews.org/cms/node/2802",
      },
      {
         source: "secalert@redhat.com",
         url: "http://fedoranews.org/cms/node/2803",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://osvdb.org/34304",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Patch",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2007-0114.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/24575",
      },
      {
         source: "secalert@redhat.com",
         url: "http://secunia.com/advisories/51413",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.securityfocus.com/bid/22967",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.securitytracker.com/id?1017764",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2007/1019",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2007/1020",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2007/1021",
      },
      {
         source: "secalert@redhat.com",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085",
      },
      {
         source: "secalert@redhat.com",
         url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://fedoranews.org/cms/node/2802",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://fedoranews.org/cms/node/2803",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://osvdb.org/34304",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2007-0114.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/24575",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/51413",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/22967",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id?1017764",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2007/1019",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2007/1020",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2007/1021",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-264",
            },
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2007-0998
Vulnerability from cvelistv5
Published
2007-03-20 10:00
Modified
2024-08-07 12:43
Severity ?
Summary
The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/33085vdb-entry, x_refsource_XF
http://secunia.com/advisories/51413third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/22967vdb-entry, x_refsource_BID
http://www.vupen.com/english/advisories/2007/1021vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/1019vdb-entry, x_refsource_VUPEN
http://rhn.redhat.com/errata/RHSA-2007-0114.htmlvendor-advisory, x_refsource_REDHAT
http://osvdb.org/34304vdb-entry, x_refsource_OSVDB
http://www.vupen.com/english/advisories/2007/1020vdb-entry, x_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486vdb-entry, signature, x_refsource_OVAL
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.htmlvendor-advisory, x_refsource_SUSE
http://fedoranews.org/cms/node/2802vendor-advisory, x_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.htmlvendor-advisory, x_refsource_SUSE
http://fedoranews.org/cms/node/2803vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/24575third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1017764vdb-entry, x_refsource_SECTRACK
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.htmlvendor-advisory, x_refsource_SUSE
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T12:43:21.585Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "fedora-xen-qemuvnc-information-disclosure(33085)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085",
               },
               {
                  name: "51413",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/51413",
               },
               {
                  name: "22967",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/22967",
               },
               {
                  name: "ADV-2007-1021",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2007/1021",
               },
               {
                  name: "ADV-2007-1019",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2007/1019",
               },
               {
                  name: "RHSA-2007:0114",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2007-0114.html",
               },
               {
                  name: "34304",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://osvdb.org/34304",
               },
               {
                  name: "ADV-2007-1020",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2007/1020",
               },
               {
                  name: "oval:org.mitre.oval:def:10486",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486",
               },
               {
                  name: "openSUSE-SU-2012:1572",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html",
               },
               {
                  name: "FEDORA-2007-344",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://fedoranews.org/cms/node/2802",
               },
               {
                  name: "SUSE-SU-2014:0446",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html",
               },
               {
                  name: "FEDORA-2007-343",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://fedoranews.org/cms/node/2803",
               },
               {
                  name: "24575",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/24575",
               },
               {
                  name: "1017764",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id?1017764",
               },
               {
                  name: "openSUSE-SU-2012:1573",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2007-03-14T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device.  NOTE: some of these details are obtained from third party information.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-10-10T00:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "fedora-xen-qemuvnc-information-disclosure(33085)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085",
            },
            {
               name: "51413",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/51413",
            },
            {
               name: "22967",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/22967",
            },
            {
               name: "ADV-2007-1021",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2007/1021",
            },
            {
               name: "ADV-2007-1019",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2007/1019",
            },
            {
               name: "RHSA-2007:0114",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2007-0114.html",
            },
            {
               name: "34304",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://osvdb.org/34304",
            },
            {
               name: "ADV-2007-1020",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2007/1020",
            },
            {
               name: "oval:org.mitre.oval:def:10486",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486",
            },
            {
               name: "openSUSE-SU-2012:1572",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html",
            },
            {
               name: "FEDORA-2007-344",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://fedoranews.org/cms/node/2802",
            },
            {
               name: "SUSE-SU-2014:0446",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html",
            },
            {
               name: "FEDORA-2007-343",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://fedoranews.org/cms/node/2803",
            },
            {
               name: "24575",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/24575",
            },
            {
               name: "1017764",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id?1017764",
            },
            {
               name: "openSUSE-SU-2012:1573",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secalert@redhat.com",
               ID: "CVE-2007-0998",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device.  NOTE: some of these details are obtained from third party information.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "fedora-xen-qemuvnc-information-disclosure(33085)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085",
                  },
                  {
                     name: "51413",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/51413",
                  },
                  {
                     name: "22967",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/22967",
                  },
                  {
                     name: "ADV-2007-1021",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2007/1021",
                  },
                  {
                     name: "ADV-2007-1019",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2007/1019",
                  },
                  {
                     name: "RHSA-2007:0114",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2007-0114.html",
                  },
                  {
                     name: "34304",
                     refsource: "OSVDB",
                     url: "http://osvdb.org/34304",
                  },
                  {
                     name: "ADV-2007-1020",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2007/1020",
                  },
                  {
                     name: "oval:org.mitre.oval:def:10486",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486",
                  },
                  {
                     name: "openSUSE-SU-2012:1572",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html",
                  },
                  {
                     name: "FEDORA-2007-344",
                     refsource: "FEDORA",
                     url: "http://fedoranews.org/cms/node/2802",
                  },
                  {
                     name: "SUSE-SU-2014:0446",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html",
                  },
                  {
                     name: "FEDORA-2007-343",
                     refsource: "FEDORA",
                     url: "http://fedoranews.org/cms/node/2803",
                  },
                  {
                     name: "24575",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/24575",
                  },
                  {
                     name: "1017764",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id?1017764",
                  },
                  {
                     name: "openSUSE-SU-2012:1573",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2007-0998",
      datePublished: "2007-03-20T10:00:00",
      dateReserved: "2007-02-16T00:00:00",
      dateUpdated: "2024-08-07T12:43:21.585Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}