VDB
CVE-2007-4993
CVE-2007-4993
PUBLISHED
CVSS 6.900000095367432 MEDIUM
pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements.
EPSS 0.27% · 51.2th percentile
Risk Scores
CVSS 2.0
6.900000095367432
EPSS Score
0.27%
51.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| xensource_inc | xen | 3.0.3 |
| n/a | n/a | n/a |
Exploit Intelligence
- MDKSA-2007:203 (circl)
- https://issues.rpath.com/browse/RPL-1752 (circl)
- FEDORA-2007-2270 (circl)
- 27047 (circl)
- 26986 (circl)
- 27486 (circl)
- 27085 (circl)
- http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068 (circl)
- 27141 (circl)
- FEDORA-2007-2708 (circl)
…and 11 more exploits
Timeline
- Sep 27, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- MDKSA-2007:203 vendor-advisory
- https://issues.rpath.com/browse/RPL-1752 url
- FEDORA-2007-2270 vendor-advisory
- 27047 third-party-advisory
- 26986 third-party-advisory
- 27486 third-party-advisory
- 27085 third-party-advisory
- http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068 url
- 27141 third-party-advisory
- FEDORA-2007-2708 vendor-advisory
- 27103 third-party-advisory
- 20071008 rPSA-2007-0210-1 xen mailing-list
- RHSA-2007:0323 vendor-advisory
- 27161 third-party-advisory
- 25825 vdb
- 27072 third-party-advisory
- oval:org.mitre.oval:def:11240 vdb
- FEDORA-2007-713 vendor-advisory
- USN-527-1 vendor-advisory
- DSA-1384 vendor-advisory
…and 2 more