Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2007-4993

pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements.

  • Published: Sep 27, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-4993
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.9
  • AV:L/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
xensource_inc / xen 3.0.3 3.0.3.x