Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.
References
Configurations
History
21 Nov 2024, 00:54
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.gnu.org/archive/html/qemu-devel/2008-11/msg01224.html - | |
References | () http://lists.gnu.org/archive/html/qemu-devel/2008-12/msg00498.html - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html - | |
References | () http://secunia.com/advisories/33568 - | |
References | () http://secunia.com/advisories/34642 - | |
References | () http://secunia.com/advisories/35062 - | |
References | () http://svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&revision=5966 - | |
References | () http://svn.savannah.gnu.org/viewvc/trunk/monitor.c?root=qemu&r1=5966&r2=5965&pathrev=5966 - | |
References | () http://www.securityfocus.com/bid/33020 - | |
References | () http://www.ubuntu.com/usn/usn-776-1 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/47683 - |
Information
Published : 2008-12-24 18:29
Updated : 2024-11-21 00:54
NVD link : CVE-2008-5714
Mitre link : CVE-2008-5714
CVE.ORG link : CVE-2008-5714
JSON object : View
Products Affected
qemu
- qemu
CWE
CWE-189
Numeric Errors