CVE-2017-2633 Vulnerability Details

  /     /     /  

CVE-2017-2633 Metadata Quick Info

CVE Published: 27/07/2018 | CVE Updated: 05/08/2024 | CVE Year: 2017
Source: redhat | Vendor: QEMU | Product: Qemu:
Status : PUBLISHED

---

CVE-2017-2633 Description

An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the \'vnc_refresh_server_surface\'. A user inside a guest could use this flaw to crash the QEMU process.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-120
CWE Name: CWE-120
Source: QEMU

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).