Skip to main content

Xenserver CVE-2012-5512

LOW
Configuration (CWE-16)
2012-12-13 secalert@redhat.com
3.2
CVSS 2.0 · NVD

Severity by source

NVD PRIMARY
3.2 LOW
AV:L/AC:L/Au:S/C:P/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:L/AC:L/Au:S/C:P/I:N/A:P
Attack Vector
Local
Attack Complexity
Low
Confidentiality
P
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
Dec 13, 2012 - 11:53 cve.org
LOW 3.2

DescriptionCVE.org

Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors.

AnalysisAI

Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-16. Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors. Affected products include: Citrix Xenserver.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2012-0217 HIGH POC
7.2 Jun 12

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and

CVE-2015-7705 CRITICAL
9.8 Aug 07

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified

CVE-2018-8897 HIGH POC
7.8 May 08

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) wa

CVE-2015-7704 HIGH
7.5 Aug 07

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service v

CVE-2014-4947 CRITICAL
10.0 Jul 22

Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified i

CVE-2016-5302 CRITICAL
9.8 Jun 13

Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow re

CVE-2018-14007 CRITICAL
9.8 Aug 15

Citrix XenServer 7.1 and newer allows Directory Traversal. Rated critical severity (CVSS 9.8), this vulnerability is rem

CVE-2017-12134 HIGH
8.8 Aug 24

The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt bloc

CVE-2016-9383 HIGH
8.8 Jan 23

Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently ob

CVE-2016-6258 HIGH
8.8 Aug 02

The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain h

CVE-2016-3710 HIGH
8.8 May 11

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS

CVE-2017-12135 HIGH
8.8 Aug 24

Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain pr

Share

CVE-2012-5512 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy