CVE-2012-3516 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.9 UNKNOWN	LOCAL	MEDIUM		AV:L/AC:M/Au:N/C:C/I:C/A:C
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 24%

Vendor	Product	Version
citrix	xenserver	𝑥 ≤ 6.0.2
xen	xen	4.2.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

xen

bullseye	4.14.6-1 fixed
bullseye (security)	4.14.5+94-ge49571868d-1 fixed
bookworm	4.17.3+10-g091466ba55-1~deb12u1 fixed
sid	4.17.3+36-g54dacb5c02-1 fixed
trixie	4.17.3+36-g54dacb5c02-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

xen

quantal	not-affected
precise	not-affected
oneiric	not-affected
lucid	dne
hardy	dne

xen-3.1

quantal	dne
precise	dne
oneiric	dne
lucid	dne
hardy	not-affected

xen-3.2

quantal	dne
precise	dne
oneiric	dne
lucid	dne
hardy	not-affected

xen-3.3

quantal	dne
precise	dne
oneiric	dne
lucid	not-affected
hardy	dne

Common Weakness Enumeration

CWE-264 -

References

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html

http://secunia.com/advisories/50472

http://secunia.com/advisories/50530

http://support.citrix.com/article/CTX134708

http://wiki.xen.org/wiki/Security_Announcements#XSA-18_grant_table_entry_swaps_have_inadequate_bounds_checking

http://www.openwall.com/lists/oss-security/2012/09/05/11

http://www.securityfocus.com/bid/55411

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html

http://secunia.com/advisories/50472

http://secunia.com/advisories/50530

http://support.citrix.com/article/CTX134708

http://wiki.xen.org/wiki/Security_Announcements#XSA-18_grant_table_entry_swaps_have_inadequate_bounds_checking

http://www.openwall.com/lists/oss-security/2012/09/05/11

http://www.securityfocus.com/bid/55411