openSUSE Security Update : qemu (qemu-1537)

This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The VNC server of qemu was vulnerable to use-after-free bugs, that
allowed the execution of code on the host system initiated from the
guest system. This can be used to escape from the guest machine to the
host machine. (CVE-2009-3616: CVSS v2 Base Score: 8.5)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=547554

Solution :

Update the affected qemu package.

Risk factor :

High / CVSS Base Score : 8.5
(CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 42859 ()

Bugtraq ID:

CVE ID: CVE-2009-3616

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now