{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2013-03-20T15:00:00Z"}, "references": [{"name": "58178", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/58178"}, {"name": "DSA-2650", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2013/dsa-2650"}, {"name": "52628", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/52628"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-1766", "state": "PUBLISHED", "dateReserved": "2013-02-19T00:00:00Z", "datePublished": "2013-03-20T15:00:00Z", "dateUpdated": "2013-03-20T15:00:00Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*", "matchCriteriaId": "AAE537D6-11ED-4F11-AD3B-6EEF27F27712", "versionEndIncluding": "1.0.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "4AFF5EF5-280A-499B-BD63-361EDC49A923", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C2A0DD5B-AFDD-4DA4-B19C-2CA73FA9B477", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "DE616C79-74E0-4876-83D7-BE04CB954F92", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "87FF4782-A017-4D6F-9588-BE0AD4AA04E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "4B7FDA56-4C79-4D79-9EDA-8A936C7D8DE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "FF62226E-E4FE-4AF5-86A2-344148158A22", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C540F8A3-E12A-403B-81D2-CDB28DE03E47", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A0900588-EBF9-4459-B1D7-588B72E40689", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "FE650A9D-D12D-43C5-B276-B3116CF096F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "359F1970-822B-4430-86EB-15091B2B4338", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "D08DB661-40DF-4234-9F6B-2EE0746FAC8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "E86D1293-6881-4F9D-B245-E16040921DF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "C49F1101-0845-478F-BEA1-67185A763D37", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "4F1FDF3E-87F8-4CBF-99F8-DBB03C7D2318", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "DA319732-E860-459E-9C20-ED31D90510DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "06B16020-5330-4F99-8DD3-8B4037E22CFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "9BCA6D83-281F-4B28-9CB2-253614017B5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "FEBBD0C7-F9D3-48D4-8D76-1FAFFB049300", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "C97CB42C-C89F-4BE6-80AC-A020EBF369FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "FCC2F2D6-90E3-4306-A29A-0A507BDF889C", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "AB533B81-AFF3-442E-A499-555F2181F64D", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "53AD34A3-9097-4375-BB30-CAED13987396", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E37E3B-18A8-4D34-9400-2C18D0DBAAAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "36EAE07C-284D-4BEB-ABDF-28C157B3B90B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "E28C5275-39D4-4C7C-A064-70161FE35802", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "643D7C4C-6BD9-49CE-A7FD-819300CA955C", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "77476F3F-A914-4EC6-9488-189BD9E1AE6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "B22C7B3D-169D-45CC-B1C1-9864991B3E05", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "3D6D1F10-2908-42E0-8D8F-1FBBC804505D", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "FC9ABBF2-B1AD-446A-A3D2-E103D1B411A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "450BD95B-5CE1-49E7-B6DB-6C14D9115CC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "508578FC-BDC7-4B44-9F98-BD6CD657F57B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "FD25F37B-C666-4EDB-AD77-CCE04A800348", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "B8903EA9-D354-4C9E-B308-653689534AFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "F811BE37-6F53-4663-819F-E954787C345B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "2886A659-24BD-483B-8FCD-5BC21573EE42", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "65FD148D-0088-47D5-AAC1-E0E990F9D170", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "84613074-CFA0-4C0B-B896-0751F652EA71", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BCCF73F-8542-4955-ACD6-44F199D49CB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "05C7EF0F-C069-424A-9B3F-D07C72450ADA", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "5F25DF6A-34D5-4D5B-AFAF-7A21202460EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "B67C29ED-2975-47F0-AE75-875A380ECC56", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "EC90B806-1FB3-434E-A664-2842AD3BA9CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DCDC5B5-1DD4-4FF4-8AB4-D38F5418B873", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "0054B43A-F844-47C8-B03A-01696117B7E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "A5C78A50-0F41-405C-9ABA-EE088D0ABE60", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "8322F4E2-0AD0-497B-871E-233C0E0F1490", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "E41CEF32-4998-41D5-B971-12E7F4E39FB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "E43FD74C-5986-4E9E-9C4F-9891133084A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "8D504B27-7BD0-4CB1-B8CA-76B7C537A4C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "CBFD9B43-52BA-4FF9-84A1-369B1A96A166", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "10EE76EF-44D3-4645-B1E7-5BCFB4CB4204", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "934215BC-33D1-453F-B49B-23B52E580214", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "F274792B-F190-4A23-A551-6B07EA4028B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "F9D67FBC-4009-4FC1-B0CF-AA3C1505C2F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E2059834-5A26-4DB9-B400-DBBE15690AAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "F2F6277D-6732-44BA-91B4-D57877E011BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "2553A171-A830-4540-8CC6-51275F72AAEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "61C2C484-7AAB-475C-A44E-6D9DCF597DD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "04A75CCF-28E1-44CC-962C-C56A4F64B370", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "B0E8A1AF-740A-454C-8019-B52654589603", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "F040825C-C457-40A1-A04C-F362289E13F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "3327FB7D-92DB-479F-BF1C-2565C8F1B25C", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "48F55C0A-3E6E-4E24-81D7-F023728E486A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "ACB7C00E-DF4E-40AF-A503-202A2FE03D5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.10:*:*:*:*:*:*:*", "matchCriteriaId": "6AB4E8A8-2B6C-4287-937B-C67A97EAB67A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.11:*:*:*:*:*:*:*", "matchCriteriaId": "53C3F149-D917-4BB6-B264-F316DD96D2B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.12:*:*:*:*:*:*:*", "matchCriteriaId": "78C18997-7086-4BB0-8490-EDB5394951F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.13:*:*:*:*:*:*:*", "matchCriteriaId": "37F280ED-37E3-4AB5-9BF1-AC935D904503", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E13A6AAE-BC1B-4CE1-B747-84F9C6B3FF73", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6DDA1805-ED8A-44AA-96FF-E676D278CCFD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors."}, {"lang": "es", "value": "libvirt v1.0.2 y anteriores establece el propietario del grupo de archivos de dispositivo para kvm, permite a usuarios locales escribir en estos archivos a trav\u00e9s de vectores no especificados."}], "id": "CVE-2013-1766", "lastModified": "2013-03-21T16:34:13.433", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-03-20T15:55:00.960", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/52628"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2013/dsa-2650"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/58178"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}