QEMU CVE-2018-16872 Directory Traversal Vulnerability

Bugtraq ID:	106212
Class:	Input Validation Error
CVE:	CVE-2018-16872
Remote:	Yes
Local:	No
Published:	Dec 13 2018 12:00AM
Updated:	Dec 13 2018 12:00AM
Credit:	Michael Hanselmann
Vulnerable:	QEMU QEMU 0
Not Vulnerable:

QEMU CVE-2018-16872 Directory Traversal Vulnerability

QEMU is prone to a directory-traversal vulnerability.

An attacker can exploit this issue using directory-traversal characters ('../') to access and write arbitrary files or to execute arbitrary files.

QEMU CVE-2018-16872 Directory Traversal Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.