Hosts, virtual machines. Floppy drive controllers code (Xen, KVM, VirtualBox) in QEMU. May be possible to craft memory overflow in code to execute code, therefore attacker reads memory in virtual machines on the host. VMs running data apps means may be vulnerable to data exposure.
Here’s another nice one if you’re interested … As am busy with reading about exploitation techniques last weeks I also read this one.
Goes pretty deep and pretty advanced for a novice like me but still interesting to see how much possibilities exist in today architectures…