12 Déc 2018
CVE-2018-16867 - CVE Vulnerability
A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host. (CVSS:0.0) (Last Update:2018-12-12)
Vulnerability Details : A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host. Publish Date : 2018-12-12 Last Update Date : 2018-12-12 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2018-16867
- References For CVE-2018-16867
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2018-16867There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |