Published: 30/10/2007 Updated: 15/12/2020

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the mtu overflow vulnerability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu 0.8.2
debian debian linux 3.1
debian debian linux 4.0
opensuse opensuse 11.0
opensuse opensuse 11.1

CWE-119 http://taviso.decsystem.org/virtsec.pdf http://www.debian.org/security/2007/dsa-1284 http://www.mandriva.com/security/advisories?name=MDKSA-2007:203 http://www.attrition.org/pipermail/vim/2007-October/001842.html http://www.securityfocus.com/bid/23731 http://secunia.com/advisories/27486 http://secunia.com/advisories/25073 http://secunia.com/advisories/25095 http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 http://osvdb.org/42986 http://secunia.com/advisories/29129 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html http://secunia.com/advisories/33568 http://www.vupen.com/english/advisories/2007/1597 https://exchange.xforce.ibmcloud.com/vulnerabilities/38238 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-5729

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect