source: http://www.securityfocus.com/bid/26666/info

QEMU is prone to a local denial-of-service vulnerability because it fails to perform adequate boundary checks when handling user-supplied input.

Attackers can exploit this issue to cause denial-of-service conditions. Given the nature of the issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.

QEMU 0.9.0 is vulnerable; other versions may also be affected.

http://www.exploit-db.com/sploits/30837.rar