Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2007-1321

Published: 30/10/2007 Updated: 15/12/2020
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Qemu

Vulnerability Summary

Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled "NE2000 network driver and the socket code," but separate identifiers have been created for the individual vulnerabilities since there are sometimes different fixes; see CVE-2007-5729 and CVE-2007-5730.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qemu qemu 0.8.2

fedoraproject fedora 7

fedoraproject fedora core 6

debian debian linux 3.1

debian debian linux 4.0

Vendor Advisories

Debian CVElist Bug Report Logs: security issues not fixed in qemu in unstable
Debian Bug report logs - #424070 security issues not fixed in qemu in unstable Package: qemu; Maintainer for qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Source for qemu is src:qemu (PTS, buildd, popcon) Reported by: Stefan Fritsch <sf@sfritschde> Date: Tue, 15 May 2007 16:48:01 UTC Severity: ...
Debian Security Advisories: DSA-1284-1 qemu -- several vulnerabilities
Several vulnerabilities have been discovered in the QEMU processor emulator, which may lead to the execution of arbitrary code or denial of service The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1320 Tavis Ormandy discovered that a memory management routine of the Cirrus video driver performs ...

References

NVD-CWE-Otherhttp://taviso.decsystem.org/virtsec.pdfhttp://www.debian.org/security/2007/dsa-1284http://www.redhat.com/support/errata/RHSA-2007-0323.htmlhttps://www.redhat.com/archives/fedora-package-announce/2007-October/msg00030.htmlhttps://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.htmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:203http://www.attrition.org/pipermail/vim/2007-October/001842.htmlhttp://www.securityfocus.com/bid/23731http://securitytracker.com/id?1018761http://secunia.com/advisories/27072http://secunia.com/advisories/27103http://secunia.com/advisories/27486http://secunia.com/advisories/25073http://secunia.com/advisories/25095http://secunia.com/advisories/27047https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:162http://secunia.com/advisories/29129http://www.vupen.com/english/advisories/2007/1597http://osvdb.org/35495https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9302https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=424070https://nvd.nist.govhttps://www.debian.org/security/./dsa-1284
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook