Vulnerability Name:

CVE-2008-1943 (CCN-42387)

Assigned:2008-05-13
Published:2008-05-13
Updated:2017-09-29
Summary:Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a shared framebuffer.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
1.6 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2008-1943

Source: CCN
Type: RHSA-2008-0194
Important: xen security and bug fix update

Source: SECUNIA
Type: Vendor Advisory
29963

Source: CCN
Type: SA30781
Xen PVFB Shared Framebuffer Processing Vulnerability

Source: SECUNIA
Type: Vendor Advisory
30781

Source: CCN
Type: SECTRACK ID: 1020008
Xen PVFB Bugs Let Local Users Deny Service or Gain Elevated Privileges

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0194

Source: BID
Type: UNKNOWN
29183

Source: CCN
Type: BID-29183
Xen Para Virtualized Frame Buffer Backend Local Buffer Overflow Vulnerability

Source: SECTRACK
Type: UNKNOWN
1020008

Source: VUPEN
Type: UNKNOWN
ADV-2008-1900

Source: CCN
Type: Xen Web site
Xen Community

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=443078

Source: XF
Type: UNKNOWN
xen-pvfb-description-dos(42387)

Source: XF
Type: UNKNOWN
xen-pvfb-description-dos(42387)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10338

Vulnerable Configuration:Configuration 1:
  • cpe:/o:redhat:desktop:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:virtualization_server:5:*:*:*:*:*:*:*
  • AND
  • cpe:/a:xensource:xen:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:xensource:xen:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:xensource:xen:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:xensource:xen:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:xensource:xen:3.1.2:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/a:redhat:rhel_virtualization:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/a:redhat:rhel_virtualization:5::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/a:redhat:rhel_virtualization:5::server:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:xensource:xen:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:xensource:xen:3.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:xensource:xen:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:xensource:xen:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:xensource:xen:3.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_virtualization:5:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:22720
    P
    		ELSA-2008:0194: xen security and bug fix update (Important)
    2014-05-26
    oval:org.mitre.oval:def:10338
    V
    		Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a shared framebuffer.
    2013-04-29
    oval:com.redhat.rhsa:def:20080194
    P
    		RHSA-2008:0194: xen security and bug fix update (Important)
    2008-05-13
    BACK
    redhat desktop 5
    redhat enterprise linux 5.0
    redhat enterprise linux 5.0
    redhat virtualization server 5
    xensource xen 3.0
    xensource xen 3.0.2
    xensource xen 3.0.3
    xensource xen 3.0.4
    xensource xen 3.1.2
    xensource xen 3.0.3
    xensource xen 3.1.2
    xensource xen 3.0.2
    xensource xen 3.0.4
    xensource xen 3.0
    redhat enterprise linux 5
    redhat rhel virtualization 5
    redhat enterprise linux 5
    redhat enterprise linux 5