CVE-2013-1766

{"id": "CVE-2013-1766", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-03-20T15:55:00.960", "references": [{"url": "http://secunia.com/advisories/52628", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2013/dsa-2650", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/58178", "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors."}, {"lang": "es", "value": "libvirt v1.0.2 y anteriores establece el propietario del grupo de archivos de dispositivo para kvm, permite a usuarios locales escribir en estos archivos a trav\u00e9s de vectores no especificados."}], "lastModified": "2013-03-21T16:34:13.433", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAE537D6-11ED-4F11-AD3B-6EEF27F27712", "versionEndIncluding": "1.0.2"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AFF5EF5-280A-499B-BD63-361EDC49A923"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2A0DD5B-AFDD-4DA4-B19C-2CA73FA9B477"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE616C79-74E0-4876-83D7-BE04CB954F92"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87FF4782-A017-4D6F-9588-BE0AD4AA04E1"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B7FDA56-4C79-4D79-9EDA-8A936C7D8DE9"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF62226E-E4FE-4AF5-86A2-344148158A22"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C540F8A3-E12A-403B-81D2-CDB28DE03E47"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0900588-EBF9-4459-B1D7-588B72E40689"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE650A9D-D12D-43C5-B276-B3116CF096F0"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "359F1970-822B-4430-86EB-15091B2B4338"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D08DB661-40DF-4234-9F6B-2EE0746FAC8F"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E86D1293-6881-4F9D-B245-E16040921DF1"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C49F1101-0845-478F-BEA1-67185A763D37"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F1FDF3E-87F8-4CBF-99F8-DBB03C7D2318"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA319732-E860-459E-9C20-ED31D90510DE"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06B16020-5330-4F99-8DD3-8B4037E22CFB"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BCA6D83-281F-4B28-9CB2-253614017B5B"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEBBD0C7-F9D3-48D4-8D76-1FAFFB049300"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C97CB42C-C89F-4BE6-80AC-A020EBF369FA"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCC2F2D6-90E3-4306-A29A-0A507BDF889C"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB533B81-AFF3-442E-A499-555F2181F64D"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53AD34A3-9097-4375-BB30-CAED13987396"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E37E3B-18A8-4D34-9400-2C18D0DBAAAA"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36EAE07C-284D-4BEB-ABDF-28C157B3B90B"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E28C5275-39D4-4C7C-A064-70161FE35802"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "643D7C4C-6BD9-49CE-A7FD-819300CA955C"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77476F3F-A914-4EC6-9488-189BD9E1AE6A"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B22C7B3D-169D-45CC-B1C1-9864991B3E05"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D6D1F10-2908-42E0-8D8F-1FBBC804505D"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC9ABBF2-B1AD-446A-A3D2-E103D1B411A7"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "450BD95B-5CE1-49E7-B6DB-6C14D9115CC1"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "508578FC-BDC7-4B44-9F98-BD6CD657F57B"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD25F37B-C666-4EDB-AD77-CCE04A800348"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8903EA9-D354-4C9E-B308-653689534AFE"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F811BE37-6F53-4663-819F-E954787C345B"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2886A659-24BD-483B-8FCD-5BC21573EE42"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65FD148D-0088-47D5-AAC1-E0E990F9D170"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84613074-CFA0-4C0B-B896-0751F652EA71"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BCCF73F-8542-4955-ACD6-44F199D49CB3"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05C7EF0F-C069-424A-9B3F-D07C72450ADA"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F25DF6A-34D5-4D5B-AFAF-7A21202460EC"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B67C29ED-2975-47F0-AE75-875A380ECC56"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC90B806-1FB3-434E-A664-2842AD3BA9CD"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DCDC5B5-1DD4-4FF4-8AB4-D38F5418B873"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0054B43A-F844-47C8-B03A-01696117B7E7"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5C78A50-0F41-405C-9ABA-EE088D0ABE60"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8322F4E2-0AD0-497B-871E-233C0E0F1490"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E41CEF32-4998-41D5-B971-12E7F4E39FB9"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E43FD74C-5986-4E9E-9C4F-9891133084A7"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D504B27-7BD0-4CB1-B8CA-76B7C537A4C3"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CBFD9B43-52BA-4FF9-84A1-369B1A96A166"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10EE76EF-44D3-4645-B1E7-5BCFB4CB4204"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "934215BC-33D1-453F-B49B-23B52E580214"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F274792B-F190-4A23-A551-6B07EA4028B1"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9D67FBC-4009-4FC1-B0CF-AA3C1505C2F4"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2059834-5A26-4DB9-B400-DBBE15690AAB"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2F6277D-6732-44BA-91B4-D57877E011BD"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2553A171-A830-4540-8CC6-51275F72AAEB"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61C2C484-7AAB-475C-A44E-6D9DCF597DD8"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04A75CCF-28E1-44CC-962C-C56A4F64B370"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0E8A1AF-740A-454C-8019-B52654589603"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F040825C-C457-40A1-A04C-F362289E13F7"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3327FB7D-92DB-479F-BF1C-2565C8F1B25C"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48F55C0A-3E6E-4E24-81D7-F023728E486A"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACB7C00E-DF4E-40AF-A503-202A2FE03D5E"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AB4E8A8-2B6C-4287-937B-C67A97EAB67A"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53C3F149-D917-4BB6-B264-F316DD96D2B0"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78C18997-7086-4BB0-8490-EDB5394951F6"}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37F280ED-37E3-4AB5-9BF1-AC935D904503"}, {"criteria": "cpe:2.3:a:redhat:libvirt:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E13A6AAE-BC1B-4CE1-B747-84F9C6B3FF73"}, {"criteria": "cpe:2.3:a:redhat:libvirt:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DDA1805-ED8A-44AA-96FF-E676D278CCFD"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}