CVE-2008-5714

Published: Dec 24, 2008Modified: Apr 23, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.

Affected (1)

Products: Qemu: Qemu

Qemu

1 product

Qemu

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Qemu Qemu	Version 0.9.1

Related CWEs

CWE-189

References (24)

http://lists.gnu.org/archive/html/qemu-devel/2008-11/msg01224.html

Source: cve@mitre.org

http://lists.gnu.org/archive/html/qemu-devel/2008-12/msg00498.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html

Source: cve@mitre.org

http://secunia.com/advisories/33568

Source: cve@mitre.org

http://secunia.com/advisories/34642

Source: cve@mitre.org

http://secunia.com/advisories/35062

Source: cve@mitre.org

http://svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&revision=5966

Source: cve@mitre.org

http://svn.savannah.gnu.org/viewvc/trunk/monitor.c?root=qemu&r1=5966&r2=5965&pathrev=5966

Source: cve@mitre.org

http://www.securityfocus.com/bid/33020

Source: cve@mitre.org

http://www.ubuntu.com/usn/usn-776-1

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/47683

Source: cve@mitre.org

http://lists.gnu.org/archive/html/qemu-devel/2008-11/msg01224.html