CVE-2007-4993 — Vulnetix

Try Vulnetix Request Demo

CVE-2007-4993 PUBLISHED CVSS 6.900000095367432 MEDIUM

pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements.

EPSS 0.26% · 49.6th percentile

Risk Scores

CVSS v2.0

6.900000095367432

EPSS Score

0.26%

49.6th percentile

Affected Products

Vendor	Product	Versions
xensource_inc	xen	3.0.3
n/a	n/a	n/a

Timeline

Sep 27, 2007 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

MDKSA-2007:203 vendor-advisory
https://issues.rpath.com/browse/RPL-1752 url
FEDORA-2007-2270 vendor-advisory
27047 third-party-advisory
26986 third-party-advisory
27486 third-party-advisory
27085 third-party-advisory
http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068 url
27141 third-party-advisory
FEDORA-2007-2708 vendor-advisory
27103 third-party-advisory
20071008 rPSA-2007-0210-1 xen mailing-list
RHSA-2007:0323 vendor-advisory
27161 third-party-advisory
25825 vdb
27072 third-party-advisory
oval:org.mitre.oval:def:11240 vdb
FEDORA-2007-713 vendor-advisory
USN-527-1 vendor-advisory
DSA-1384 vendor-advisory

…and 2 more

Open in Interactive Console →