CVE-2007-4993
pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements.
Date published : 2007-09-27
http://www.securityfocus.com/bid/25825
http://www.securityfocus.com/archive/1/481825/100/0/threaded