Hottest Free Downloads - DownloadPipe.com Over 197,000 downloads! Bookmark Now!
DownloadPipe.com - New Downloads Every Minute
 SEARCH:
FAQFAQ    SearchSearch      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

Bug#553589: CVE-2009-3616: Multiple use-after-free vulnera..

  
   Linux (Home) -> Bugs RC RSS
Next:  Bug#553583: CVE-2009-3829 CVE-2009-3551 CVE-2009-..  
Author Message
Giuseppe Iuculano

External


Since: Oct 05, 2009
Posts: 5



(Msg. 1) Posted: Sun Nov 01, 2009 6:25 am
Post subject: Bug#553589: CVE-2009-3616: Multiple use-after-free vulnerabilities in vnc.c
Archived from groups: linux>debian>bugs>rc (more info?)
Package: qemu
Version: 0.10.6-1
Severity: grave
Tags: security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for qemu.

CVE-2009-3616[0]:
| Multiple use-after-free vulnerabilities in vnc.c in the VNC server in
| QEMU 0.10.6 and earlier might allow guest OS users to execute
| arbitrary code on the host OS by establishing a connection from a VNC
| client and then (1) disconnecting during data transfer, (2) sending a
| message using incorrect integer data types, or (3) using the Fuzzy
| Screen Mode protocol, related to double free vulnerabilities.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3616
http://security-tracker.debian.org/tracker/CVE-2009-3616

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkrtXlEACgkQNxpp46476ao3NgCdGPnMHfTITK7HUXeruU2ZGG/2
bsEAn2GLZX9LZxbBxn6T+lwsQ/yjX/8R
=F/Fd
-----END PGP SIGNATURE-----



--
To UNSUBSCRIBE, email to debian-bugs-rc-REQUEST RemoveThis @lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster RemoveThis @lists.debian.org
Back to top
Login to vote
Display posts from previous:   
Related Topics:
Bug#553583: CVE-2009-3829 CVE-2009-3551 CVE-2009-3550 CVE-.. - Package: wireshark Severity: grave Tags: security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for wireshark. CVE-2009-3829[0]: | Integer overflow in wiretap/erf.c in....

Bug#551936: expat: CVE-2009-2625 - package: expat version: 1.95.8-3 severity: serious tags: security hello, a security issue has been disclosed for expat. see [0],[1]. this affects all supported debian releases, so please coordinate with the security team to prepare DSAs. mike [0]..

Bug#551938: w3c-libwww: CVE-2009-2625 - package: w3c-libwww version: 5.4.0-11 severity: serious tags: security hello, a security issue has been disclosed for expat. see [0], [1]. w3c-libwww embeds expat, so it is also affected. this affects all supported debian releases, so please coordinat...

Bug#471380: viewvc: Multiple security issues - Package: viewvc Severity: grave Tags: security Justification: user security hole Viewvc 1.0.5 fixes several security issues: * security fix: omit commits of all-forbidden files from query results * security fix: disallow direct URL navigation to..

Bug#505563: Mozilla Thunderbird Multiple Vulnerabilities - Thanks Alexander, Be advised that the normal approach to fixing a RC bug during lenny deep freeze is by back porting the fix, rather than uploading the new upstream release. Have debian-release been engaged? Mark -original message- Subject: Re:..
       Linux (Home) -> Bugs RC All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Categories:
 Windows Forums
 Game Forums
  Linux Forums
 Mac Forums
 PDA Forums
 Mobile Forums
  Top  |  Store  |  RSS Feeds RSS  |  Data Feeds  |  Advertise  |  Submit  |  Bookmark  |  Newsletter  |  Contact