Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2007-5730

Published: 30/10/2007 Updated: 15/12/2020
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Qemu

Vulnerability Summary

Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the individual net socket listen vulnerability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qemu qemu 0.8.2

debian debian linux 3.1

debian debian linux 4.0

Vendor Advisories

Debian CVElist Bug Report Logs: qemu: CVE-2008-0928 privilege escalation
Debian Bug report logs - #469649 qemu: CVE-2008-0928 privilege escalation Package: qemu; Maintainer for qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Source for qemu is src:qemu (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Thu, 6 Mar 2008 11:18:04 UTC Severity: importan ...

References

CWE-787http://taviso.decsystem.org/virtsec.pdfhttp://www.debian.org/security/2007/dsa-1284http://www.mandriva.com/security/advisories?name=MDKSA-2007:203http://www.attrition.org/pipermail/vim/2007-October/001842.htmlhttp://www.securityfocus.com/bid/23731http://secunia.com/advisories/27486http://secunia.com/advisories/25073http://secunia.com/advisories/25095http://www.redhat.com/support/errata/RHSA-2008-0194.htmlhttp://secunia.com/advisories/29963http://www.mandriva.com/security/advisories?name=MDVSA-2008:162http://osvdb.org/42985http://secunia.com/advisories/29129http://www.vupen.com/english/advisories/2007/1597https://exchange.xforce.ibmcloud.com/vulnerabilities/38239https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10000https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469649https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook