Home > Vulnerability Database > CVE-2007-6416

Mend.io Vulnerability Database

CVE-2007-6416

Date: December 17, 2007

The copy_to_user function in the PAL emulation functionality for Xen 3.1.2 and earlier, when running on ia64 systems, allows HVM guest users to access arbitrary physical memory by triggering certain mapping operations.

Severity Score

5.9

Related Resources (10)

Url: http://www.redhat.com/support/errata/RHSA-2008-0089.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-6416

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9840

Url: http://www.securityfocus.com/bid/26954

Url: https://access.redhat.com/security/cve/CVE-2007-6416

Url: http://xenbits.xensource.com/ext/ia64/xen-unstable.hg?rev/e6069a715fd7

Url: http://osvdb.org/41344

Url: http://secunia.com/advisories/28146

Url: http://secunia.com/advisories/28643

Url: https://www.mend.io/vulnerability-database/CVE-2007-6416

Severity Score

5.9

Weakness Type (CWE)

Permissions, Privileges, and Access Control

CWE-264

CVSS v3.1

Base Score:	5.9
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	4.6
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2007-6416

Date: December 17, 2007

Severity Score

Related Resources (10)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?