QEMU 3.0.0 Integer Overflow Vulnerability in qga/commands*.c Files

QEMU 3.0.0 Integer Overflow Vulnerability in qga/commands*.c Files

CVE-2019-12247 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

QEMU 3.0.0 has an Integer Overflow because the qga/commands*.c files do not check the length of the argument list or the number of environment variables. NOTE: This has been disputed as not exploitable

Learn more about our Web Application Penetration Testing UK.