Xensource Inc » XEN : Security Vulnerabilities, CVEs, CVSS score >= 5
pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-09-27
Updated
2018-10-15
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
Max CVSS
6.0
EPSS Score
0.04%
Published
2007-10-28
Updated
2017-09-29
2 vulnerabilities found