Release date: 2012-09-05
Updated on: 2012-09-06
Affected Systems:
XenSource Xen 4.x
XenSource Xen 3.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 55410
Cve id: CVE-2012-3497
Xen is an open-source Virtual Machine monitor developed by the University of Cambridge.
Xen has multiple security vulnerabilities. Attackers can exploit these vulnerabilities to execute arbitrary code in the context of an application, cause the affected application to crash, reject legitimate users, and perform unauthorized operations.
<* Source: vendor
Link: http://secunia.com/advisories/50472/
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
XenSource
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://xen.xensource.com/