CVE-2015-5154 in QEMUinfo

Summary

Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

07/01/2015

Disclosure

08/12/2015

Moderation

VulDB entry created

Entries

1: VDB-77069

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

5.9

EPSS

0.00388

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-5154
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-5154
CVE Details	https://www.cvedetails.com/cve/CVE-2015-5154/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!