{"uuid": "f2b1f036-4279-49c7-9c0c-92e25655390b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4207", "type": "seen", "source": "https://t.me/arpsyndicate/694", "content": "#ExploitObserverAlert\n\nCVE-2021-4207\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-4207. A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.\n\nFIRST-EPSS: 0.000500000\nNVD-IS: 6.0\nNVD-ES: 1.5", "creation_timestamp": "2023-11-29T07:42:11.000000Z"}