Citrix XenServer 6.5.0 Service Pack 1

CPE Details

Citrix XenServer 6.5.0 Service Pack 1
citrix
xenserver
6.5.0
2016-08-03
15h12 +00:00
2021-05-13
14h02 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:citrix:xenserver:6.5.0:sp1:*:*:*:*:*:*

Informations

Vendor

citrix

Product

xenserver

Version

6.5.0

Update

sp1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2016-6258 2016-08-02 14h00 +00:00 The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
8.8
High
CVE-2016-6259 2016-08-02 14h00 +00:00 Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.
6.2
Medium
CVE-2016-5302 2016-06-13 12h00 +00:00 Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account.
9.8
Critical
CVE-2016-3710 2016-05-11 19h00 +00:00 The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
8.8
High
CVE-2016-3712 2016-05-11 19h00 +00:00 Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
5.5
Medium