CVE-2008-2382

Advisory lineage Upstream: 0 Downstream: 3
Modified
Published: 24 Dec 2008, 17:00
Last modified:07 Aug 2024, 08:58

Vulnerability Summary

Overall Risk (default)
medium
34/100
CVSS Score
5 MEDIUM
v2.0 (nvd)
EPSS Score
21.4% HIGH
21% probability +0.52%
KEV
Not listed
Ransomware
No reports
Public exploits
3 found
Dark Web
Not detected

Timeline

24 Dec 2008, 17:00
Published
Vulnerability first disclosed
07 Aug 2024, 08:58
Last Modified
Vulnerability information updated

Description

The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.

CVSS Metrics

  • v2.0MEDIUMScore: 5AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS Trends

Current EPSS score: 21.40% Percentile: 96%

Techniques & Countermeasures

  • CWE-399Resource Management Errors

    Weaknesses in this category are related to improper management of system resources.

Affected Systems

  • kvm_qumranetkvm

    ≤ 79 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78

  • qemuqemu

    ≤ 0.9.1 | 0.1.0 | 0.1.1 | 0.1.2 | 0.1.3 | 0.1.4 | 0.1.5 | 0.1.6 | 0.2.0 | 0.3.0 | 0.4.0 | 0.4.1 | 0.4.2 | 0.4.3 | 0.5.0 | 0.5.1 | 0.5.2 | 0.5.3 | 0.5.4 | 0.5.5 | 0.6.0 | 0.6.1 | 0.7.0 | 0.7.1 | 0.7.2 | 0.8.0 | 0.8.1 | 0.8.2 | 0.9.0

References (19)