{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-12-22T00:00:00", "descriptions": [{"lang": "en", "value": "The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "35062", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35062"}, {"name": "1021489", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1021489"}, {"name": "4803", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/4803"}, {"name": "ADV-2008-3488", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/3488"}, {"name": "FEDORA-2008-11705", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.html"}, {"name": "33303", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33303"}, {"name": "34642", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34642"}, {"name": "33293", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33293"}, {"name": "USN-776-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-776-1"}, {"name": "33350", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33350"}, {"tags": ["x_refsource_MISC"], "url": "http://www.coresecurity.com/content/vnc-remote-dos"}, {"name": "SUSE-SR:2009:002", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"}, {"name": "33568", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33568"}, {"name": "SUSE-SR:2009:008", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"}, {"name": "20081222 CORE-2008-1210: Qemu and KVM VNC server remote DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/499502/100/0/threaded"}, {"name": "1021488", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1021488"}, {"name": "32910", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/32910"}, {"name": "ADV-2008-3489", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/3489"}, {"name": "qemu-kvm-protocolclientmsg-dos(47561)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47561"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2382", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "35062", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35062"}, {"name": "1021489", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1021489"}, {"name": "4803", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/4803"}, {"name": "ADV-2008-3488", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/3488"}, {"name": "FEDORA-2008-11705", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.html"}, {"name": "33303", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33303"}, {"name": "34642", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34642"}, {"name": "33293", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33293"}, {"name": "USN-776-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-776-1"}, {"name": "33350", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33350"}, {"name": "http://www.coresecurity.com/content/vnc-remote-dos", "refsource": "MISC", "url": "http://www.coresecurity.com/content/vnc-remote-dos"}, {"name": "SUSE-SR:2009:002", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"}, {"name": "33568", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33568"}, {"name": "SUSE-SR:2009:008", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"}, {"name": "20081222 CORE-2008-1210: Qemu and KVM VNC server remote DoS", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/499502/100/0/threaded"}, {"name": "1021488", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1021488"}, {"name": "32910", "refsource": "BID", "url": "http://www.securityfocus.com/bid/32910"}, {"name": "ADV-2008-3489", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/3489"}, {"name": "qemu-kvm-protocolclientmsg-dos(47561)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47561"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:58:02.609Z"}, "title": "CVE Program Container", "references": [{"name": "35062", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35062"}, {"name": "1021489", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1021489"}, {"name": "4803", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/4803"}, {"name": "ADV-2008-3488", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/3488"}, {"name": "FEDORA-2008-11705", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.html"}, {"name": "33303", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33303"}, {"name": "34642", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34642"}, {"name": "33293", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33293"}, {"name": "USN-776-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-776-1"}, {"name": "33350", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33350"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.coresecurity.com/content/vnc-remote-dos"}, {"name": "SUSE-SR:2009:002", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"}, {"name": "33568", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33568"}, {"name": "SUSE-SR:2009:008", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"}, {"name": "20081222 CORE-2008-1210: Qemu and KVM VNC server remote DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/499502/100/0/threaded"}, {"name": "1021488", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1021488"}, {"name": "32910", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/32910"}, {"name": "ADV-2008-3489", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/3489"}, {"name": "qemu-kvm-protocolclientmsg-dos(47561)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47561"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2382", "datePublished": "2008-12-24T17:00:00", "dateReserved": "2008-05-21T00:00:00", "dateUpdated": "2024-08-07T08:58:02.609Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "matchCriteriaId": "A8674DEE-1197-4B49-BC90-D27D6F3A254A", "versionEndIncluding": "0.9.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "BC82CD08-F151-489C-9BC4-50C8C9583718", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "75D04344-C6CE-40D5-97ED-42B3DBA1AAD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "71CC4D45-66BE-4C23-B541-DD4604ACC9FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2E41058D-380C-4098-96FB-53CC158ED420", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "BFE12226-C599-45A2-8CFD-32753F94204B", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "C06F8832-B32F-4352-B048-A4ADCE85373E", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "5278C685-988B-40D7-9AE9-B4FB8AF41C8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C6C6B20B-2E5D-4D25-885A-227A4BE5EEBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F2FF7251-031D-4A9B-9AF0-1FFE556456D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "4D942D17-1AA9-4D5A-8F5E-0F4F762522D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "5A2519BF-5F68-4096-8DE2-2C7BCF7200D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "6B00BD71-2AE5-47BA-999A-7E89590B86C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "CA6701A9-78CC-49D0-A40A-CB1C774400AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "40B5A7F2-B5B2-46CF-BBD0-AB986A8E55EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "DBEBD56F-EFBC-4620-A77C-E215A7AFDAFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C45EA44-ECD1-40A7-89CE-D770BDC9DB4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "83088B0F-A6F8-4F47-99C0-09FEA234272F", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "17E948D4-6C1A-43D2-B128-1A728FD61703", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "6470915C-CA3C-42CA-B69B-0FC40A33D02D", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "759505BA-6F19-4BAE-8297-D8F30EEC8D8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A98CC34-2DB7-46CD-AA60-A7C08DDF22B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E424B63B-DCD8-4209-A4CB-84C1EDF5B255", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "F9576AA2-2FDD-4063-8D84-DE8DB063AC54", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "544368B2-37BE-41DD-8DC2-F04B6A394696", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "14A6B570-09CE-4AFF-AC8C-51F37FC79811", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "EC5670FB-B9EA-4B9C-BB7B-575494F12CA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "27650033-1C9F-4175-A26F-D9082A36F079", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F1D35E0-2033-4ADE-9ADA-3B45996B53B1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kvm_qumranet:kvm:*:*:*:*:*:*:*:*", "matchCriteriaId": "01CEC7D9-BE2D-47CF-992A-D1DA1290BB79", "versionEndIncluding": "79", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:1:*:*:*:*:*:*:*", "matchCriteriaId": "927856FD-699A-455E-872C-4619F13CC696", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:2:*:*:*:*:*:*:*", "matchCriteriaId": "80D7EB5C-208E-4AC9-A7E6-CA45FE39F6AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:3:*:*:*:*:*:*:*", "matchCriteriaId": "FC3B46FB-B418-4C72-AAC6-EFBACBB6CA04", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:4:*:*:*:*:*:*:*", "matchCriteriaId": "9F798498-A8A5-490C-8B45-ABD51F9DB6E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:5:*:*:*:*:*:*:*", "matchCriteriaId": "8B0F495D-5A7E-4433-A3C2-40B77FCA0193", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:6:*:*:*:*:*:*:*", "matchCriteriaId": "61CDEC11-6914-4BF0-832D-A0E9F4E6B325", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:7:*:*:*:*:*:*:*", "matchCriteriaId": "87B44D5E-D4D0-4070-8C8D-62E5EFFA6DBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:8:*:*:*:*:*:*:*", "matchCriteriaId": "085BB420-696B-4F9D-BCF8-943324C815B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:9:*:*:*:*:*:*:*", "matchCriteriaId": "D96F3802-0B67-4B13-9CA3-648E273C9AB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:10:*:*:*:*:*:*:*", "matchCriteriaId": "A9ED5DA0-B05A-414F-8C48-C760B9E48D12", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:11:*:*:*:*:*:*:*", "matchCriteriaId": "4B16CC7E-3BA7-4EAF-9573-F748D3F70895", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:12:*:*:*:*:*:*:*", "matchCriteriaId": "C3E3EDE6-FD2C-428B-BC30-4450B560EE03", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:13:*:*:*:*:*:*:*", "matchCriteriaId": "7C4C3C34-A494-4103-9744-F97B189EB139", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:14:*:*:*:*:*:*:*", "matchCriteriaId": "A7DB261C-022F-4E87-8817-220D708B7BB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:15:*:*:*:*:*:*:*", "matchCriteriaId": "3F8081B6-B115-40F4-85BF-44D95FEB2DB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:16:*:*:*:*:*:*:*", "matchCriteriaId": "A1509F71-4739-4BB0-89BC-09102E64B2BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:17:*:*:*:*:*:*:*", "matchCriteriaId": "D8B819D5-CE12-4A47-B5C7-E393FE53B8D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:18:*:*:*:*:*:*:*", "matchCriteriaId": "F97A5763-16A3-476A-BEAB-9BD6433B704C", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:19:*:*:*:*:*:*:*", "matchCriteriaId": "79D201B5-1033-4F06-8914-FA84AFEC220C", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:20:*:*:*:*:*:*:*", "matchCriteriaId": "F8C5D978-48F5-4A5F-B124-18CF242FD1BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:21:*:*:*:*:*:*:*", "matchCriteriaId": "711DFBBE-5122-4052-956F-5D29D30F4393", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:22:*:*:*:*:*:*:*", "matchCriteriaId": "5ACBEF01-CE36-4740-98FD-D76A8ED3E73B", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:23:*:*:*:*:*:*:*", "matchCriteriaId": "43068D90-D790-4058-9EB6-7A7679F17020", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:24:*:*:*:*:*:*:*", "matchCriteriaId": "F6C1BC7B-CD0C-458E-8535-431FD5D2096A", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:25:*:*:*:*:*:*:*", "matchCriteriaId": "035D2991-9E2C-4EF9-A5E5-CE3E1BDF37C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:26:*:*:*:*:*:*:*", "matchCriteriaId": "FCD45965-2843-4B07-9FAC-A167BA2669AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:27:*:*:*:*:*:*:*", "matchCriteriaId": "D51C2378-CC9A-474A-A376-9552383AFDBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:28:*:*:*:*:*:*:*", "matchCriteriaId": "9D9A43C4-8646-472A-818F-4EB4A4FF3FDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:29:*:*:*:*:*:*:*", "matchCriteriaId": "10429C36-01BD-434B-86F3-5477817C63F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:30:*:*:*:*:*:*:*", "matchCriteriaId": "09A28F5F-6766-4691-9B96-A8D5B567857E", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:31:*:*:*:*:*:*:*", "matchCriteriaId": "B64E6D75-F837-404D-877F-91486B086B1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:32:*:*:*:*:*:*:*", "matchCriteriaId": "5B8ACEE0-EF9A-47B0-B06A-CB738A23BB39", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:33:*:*:*:*:*:*:*", "matchCriteriaId": "90B0EC10-B23B-4AF2-B655-91DCA4C5DBF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:34:*:*:*:*:*:*:*", "matchCriteriaId": "05D88B54-D07F-4AA4-B18B-717A84401B20", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:35:*:*:*:*:*:*:*", "matchCriteriaId": "E95C02AD-7EDB-4CF3-BB0E-24BCECDC29C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:36:*:*:*:*:*:*:*", "matchCriteriaId": "4E0E6873-855B-4766-B003-2EE7730C7C03", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:37:*:*:*:*:*:*:*", "matchCriteriaId": "A085C91B-F83F-4DC1-88DB-7F0C0C567994", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:38:*:*:*:*:*:*:*", "matchCriteriaId": "D514CCFA-C0DE-4368-ACBA-810404389040", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:39:*:*:*:*:*:*:*", "matchCriteriaId": "4A862A1C-9CAA-4440-A3C1-6186E76B82A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:40:*:*:*:*:*:*:*", "matchCriteriaId": "DB7DF720-CA08-4B4B-AA67-AED22739FE00", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:41:*:*:*:*:*:*:*", "matchCriteriaId": "0CFB6CE0-70F9-412C-A6F6-2ACF4B28620F", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:42:*:*:*:*:*:*:*", "matchCriteriaId": "69C45BE5-525F-4825-B3C1-617DF4DCFE2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:43:*:*:*:*:*:*:*", "matchCriteriaId": "514A7CEC-8F4A-44E1-AC8C-80F8D356F81A", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:44:*:*:*:*:*:*:*", "matchCriteriaId": "06C95D8F-D0FB-4C1A-954B-D7EFA4308E19", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:45:*:*:*:*:*:*:*", "matchCriteriaId": "B8A7E3D2-1569-4C3C-8F61-162B39AFDCD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:46:*:*:*:*:*:*:*", "matchCriteriaId": "5BC15957-6926-456F-A932-1A8DBA4BFAC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:47:*:*:*:*:*:*:*", "matchCriteriaId": "21CAEE0A-43B7-451F-A411-704BDBA75E59", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:48:*:*:*:*:*:*:*", "matchCriteriaId": "AECBA134-17A0-4DFF-A351-F0FA20B8072C", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:49:*:*:*:*:*:*:*", "matchCriteriaId": "6BBB47DA-52A3-4698-AEE6-3E4B862142D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:50:*:*:*:*:*:*:*", "matchCriteriaId": "F249D4DF-4039-40FC-8DE8-2E84BACADE13", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:51:*:*:*:*:*:*:*", "matchCriteriaId": "8D266CE5-B627-44A0-8B6A-1D5EC01359AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:52:*:*:*:*:*:*:*", "matchCriteriaId": "65017E24-FD9E-4868-B5B5-E6770C3D1F1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:53:*:*:*:*:*:*:*", "matchCriteriaId": "5AD0FD4D-FD25-4C3E-80E0-C7BD2D44B68D", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:54:*:*:*:*:*:*:*", "matchCriteriaId": "85BB06DD-A688-40A0-919E-70CF7DD1692E", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:55:*:*:*:*:*:*:*", "matchCriteriaId": "94F52513-FA65-4C72-995A-2AC1745AAEB0", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:56:*:*:*:*:*:*:*", "matchCriteriaId": "A894ED7A-90F3-4E31-B464-3BDBB56E3BD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:57:*:*:*:*:*:*:*", "matchCriteriaId": "8B8D6DEF-CDA9-46D1-8CF6-3601D21FA736", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:58:*:*:*:*:*:*:*", "matchCriteriaId": "AED843EB-8EC6-44BC-ABB6-85EE36798575", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:59:*:*:*:*:*:*:*", "matchCriteriaId": "2A39450A-E07D-4D1A-B5F4-681F20681F31", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:60:*:*:*:*:*:*:*", "matchCriteriaId": "96DBF33A-C16A-4854-8B23-60BC282437D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:61:*:*:*:*:*:*:*", "matchCriteriaId": "63B79460-EB85-4074-9882-B600D821A92B", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:62:*:*:*:*:*:*:*", "matchCriteriaId": "0F65C6C6-109D-4FED-8E3C-CE356C8FCFDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:63:*:*:*:*:*:*:*", "matchCriteriaId": "596165F0-F3A3-42FA-93B6-95850B28F8A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:64:*:*:*:*:*:*:*", "matchCriteriaId": "0F86B298-74A8-47E3-9B2D-A996D31AE0DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:65:*:*:*:*:*:*:*", "matchCriteriaId": "84996052-A402-491D-88CC-C666579086BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:66:*:*:*:*:*:*:*", "matchCriteriaId": "9244EA69-EAA0-4682-AE12-74C394E4018C", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:67:*:*:*:*:*:*:*", "matchCriteriaId": "92496E8A-B197-4AAE-8A5B-F3F1A876662D", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:68:*:*:*:*:*:*:*", "matchCriteriaId": "39941844-34AB-424E-A462-22413324B616", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:69:*:*:*:*:*:*:*", "matchCriteriaId": "4CA9FB34-D170-4382-BF7F-682BB0089B62", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:70:*:*:*:*:*:*:*", "matchCriteriaId": "C038FDF9-33C4-4370-A0AC-ADAD1081BA7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:71:*:*:*:*:*:*:*", "matchCriteriaId": "60B158F8-5E75-4B3C-A7BC-147DD848FA68", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:72:*:*:*:*:*:*:*", "matchCriteriaId": "8BB1B11C-ADA4-42C3-9716-1E4B9E9A6244", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:73:*:*:*:*:*:*:*", "matchCriteriaId": "71D11E82-0E03-4954-B831-4971602E723F", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:74:*:*:*:*:*:*:*", "matchCriteriaId": "72274EE0-85CA-40CE-9801-FA3703D85AA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:75:*:*:*:*:*:*:*", "matchCriteriaId": "779529DA-B95C-4DCD-9D13-E1378696770C", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:76:*:*:*:*:*:*:*", "matchCriteriaId": "1D7DEBB9-6D2A-4EE2-AEBA-945E9085AC66", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:77:*:*:*:*:*:*:*", "matchCriteriaId": "F49BE82E-2C61-423F-B913-614EFFC6B0C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:kvm_qumranet:kvm:78:*:*:*:*:*:*:*", "matchCriteriaId": "FD75E472-9DA6-4D64-A0E8-4D222B79CA96", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message."}, {"lang": "es", "value": "La funci\u00f3n protocol_client_msg en vnc.c en el servidor VNC en (1) Qemu 0.9.1 y anteriores y (2) KVM kvm-79 y anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bucle infinito) mediante un cierto mensaje."}], "id": "CVE-2008-2382", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-12-24T18:29:15.733", "references": [{"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/33293"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/33303"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/33350"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/33568"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/34642"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/35062"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/4803"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1021488"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://securitytracker.com/id?1021489"}, {"source": "cve@mitre.org", "url": "http://www.coresecurity.com/content/vnc-remote-dos"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/499502/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/32910"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-776-1"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/3488"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/3489"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47561"}, {"source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/33293"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/33303"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/33350"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/33568"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/34642"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35062"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/4803"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1021488"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://securitytracker.com/id?1021489"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.coresecurity.com/content/vnc-remote-dos"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/499502/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/32910"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-776-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/3488"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/3489"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47561"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.html"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the version of the Xen package as shipped with Red Hat Enterprise Linux 5.\n", "lastModified": "2009-01-05T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "qemu/kvm: remote DoS (infinite loop) via specially-crafted VNC message received by the domain", "id": "477636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=477636"}, "csaw": false, "cwe": "CWE-835", "details": ["The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message."], "name": "CVE-2008-2382", "public_date": "2008-12-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2008-2382\nhttps://nvd.nist.gov/vuln/detail/CVE-2008-2382"], "statement": "Not vulnerable. This issue did not affect the version of the Xen package as shipped with Red Hat Enterprise Linux 5.", "threat_severity": "Moderate"}