CVE-2015-0236

EPSS 0.49%

發布日:2015/1/29修改日:2026/4/28

描述

libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.

受影響套件(1)

Debian/libvirtfrom 0, < 1.2.9-8

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-0236