Search Results (Refine Search)
- CPE Product Version: cpe:/a:citrix:xenserver:5.6:sp2
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-4606 |
Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges. Published: January 23, 2020; 5:15:09 PM -0500 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2012-3495 |
The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors. Published: November 23, 2012; 3:55:03 PM -0500 |
V3.x:(not available) V2.0: 6.1 MEDIUM |