{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-14T00:00:00", "descriptions": [{"lang": "en", "value": "The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device.  NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "fedora-xen-qemuvnc-information-disclosure(33085)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"}, {"name": "51413", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51413"}, {"name": "22967", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22967"}, {"name": "ADV-2007-1021", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1021"}, {"name": "ADV-2007-1019", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1019"}, {"name": "RHSA-2007:0114", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"}, {"name": "34304", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/34304"}, {"name": "ADV-2007-1020", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1020"}, {"name": "oval:org.mitre.oval:def:10486", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"}, {"name": "openSUSE-SU-2012:1572", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"}, {"name": "FEDORA-2007-344", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://fedoranews.org/cms/node/2802"}, {"name": "SUSE-SU-2014:0446", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"}, {"name": "FEDORA-2007-343", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://fedoranews.org/cms/node/2803"}, {"name": "24575", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24575"}, {"name": "1017764", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017764"}, {"name": "openSUSE-SU-2012:1573", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2007-0998", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device.  NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "fedora-xen-qemuvnc-information-disclosure(33085)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"}, {"name": "51413", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51413"}, {"name": "22967", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22967"}, {"name": "ADV-2007-1021", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1021"}, {"name": "ADV-2007-1019", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1019"}, {"name": "RHSA-2007:0114", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"}, {"name": "34304", "refsource": "OSVDB", "url": "http://osvdb.org/34304"}, {"name": "ADV-2007-1020", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1020"}, {"name": "oval:org.mitre.oval:def:10486", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"}, {"name": "openSUSE-SU-2012:1572", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"}, {"name": "FEDORA-2007-344", "refsource": "FEDORA", "url": "http://fedoranews.org/cms/node/2802"}, {"name": "SUSE-SU-2014:0446", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"}, {"name": "FEDORA-2007-343", "refsource": "FEDORA", "url": "http://fedoranews.org/cms/node/2803"}, {"name": "24575", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24575"}, {"name": "1017764", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017764"}, {"name": "openSUSE-SU-2012:1573", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:43:21.585Z"}, "title": "CVE Program Container", "references": [{"name": "fedora-xen-qemuvnc-information-disclosure(33085)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"}, {"name": "51413", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51413"}, {"name": "22967", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/22967"}, {"name": "ADV-2007-1021", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1021"}, {"name": "ADV-2007-1019", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1019"}, {"name": "RHSA-2007:0114", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"}, {"name": "34304", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/34304"}, {"name": "ADV-2007-1020", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1020"}, {"name": "oval:org.mitre.oval:def:10486", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"}, {"name": "openSUSE-SU-2012:1572", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"}, {"name": "FEDORA-2007-344", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://fedoranews.org/cms/node/2802"}, {"name": "SUSE-SU-2014:0446", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"}, {"name": "FEDORA-2007-343", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://fedoranews.org/cms/node/2803"}, {"name": "24575", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24575"}, {"name": "1017764", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1017764"}, {"name": "openSUSE-SU-2012:1573", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-0998", "datePublished": "2007-03-20T10:00:00", "dateReserved": "2007-02-16T00:00:00", "dateUpdated": "2024-08-07T12:43:21.585Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop:*:*:*:*:*", "matchCriteriaId": "FE524195-06F1-4504-9223-07596588CC70", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop_multiple_os:*:*:*:*:*", "matchCriteriaId": "AB55CA0F-06FB-4CED-BB2F-AB99C32062CF", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*", "matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:virtualization:*:*:*:*:*", "matchCriteriaId": "37E17F28-76A9-4F73-8F58-35390BDCE6EE", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DA3B94B6-A5E4-4432-802E-BFAD7F3B5B4C", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:fedora_core:core6:*:*:*:*:*:*:*", "matchCriteriaId": "E007512B-2A01-4915-82D1-EDDEE8ED3190", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:xen:qemu:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AC03235-6F95-414A-8C93-5215E801676E", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device.  NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "La implementaci\u00f3n del servidor VNC en QEMU, como es usada por Xen y posiblemente otros entornos, permite a usuarios locales de un sistema operativo invitado leer archivos arbitrarios en el sistema operativo host por medio de vectores no especificados relacionados con el modo de monitoreo de QEMU, como es demostrado al mapear archivos hacia un dispositivo CDROM. NOTA: algunos de estos detalles son obtenidos a partir de informaci\u00f3n de terceros."}], "id": "CVE-2007-0998", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-20T10:19:00.000", "references": [{"source": "secalert@redhat.com", "url": "http://fedoranews.org/cms/node/2802"}, {"source": "secalert@redhat.com", "url": "http://fedoranews.org/cms/node/2803"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"}, {"source": "secalert@redhat.com", "url": "http://osvdb.org/34304"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/24575"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/51413"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/22967"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1017764"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1019"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1020"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1021"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/cms/node/2802"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/cms/node/2803"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/34304"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/24575"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/51413"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/22967"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1017764"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1019"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1020"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1021"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}, {"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2007:0114", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "xen-0:3.0.3-25.0.3.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2007-03-14T00:00:00Z"}], "bugzilla": {"description": "HVM guest VNC server allows compromise of entire host OS by any VNC console user", "id": "230295", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=230295"}, "csaw": false, "details": ["The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device.  NOTE: some of these details are obtained from third party information."], "name": "CVE-2007-0998", "public_date": "2007-03-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2007-0998\nhttps://nvd.nist.gov/vuln/detail/CVE-2007-0998"], "threat_severity": "Important"}