CVE-2014-0179 in Red Hat and OpenSuse Products
Published on August 3, 2014

libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2014-0179

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2014-0179 are published in these products:

Red Hat Libvirt

Red Hat Enterprise Linux (RHEL)

OpenSuse

Red Hat Enterprise Virtualization

Exploit Probability

EPSS

0.11%

Percentile

28.92%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2014-0179 in Red Hat and OpenSuse ProductsPublished on August 3, 2014

Products Associated with CVE-2014-0179

Exploit Probability

CVE-2014-0179 in Red Hat and OpenSuse Products
Published on August 3, 2014