7.2

CVE-2007-1320

EPSS 0.16%
Veröffentlicht 02.05.2007 17:19:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 26

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qemu ≫ Qemu Version0.8.2

Xen ≫ Xen Version-

Fedoraproject ≫ Fedora Version8

Fedoraproject ≫ Fedora Version9

Fedoraproject ≫ Fedora Core Version6

Opensuse ≫ Opensuse Version11.0

Opensuse ≫ Opensuse Version11.1

Debian ≫ Debian Linux Version3.1

Debian ≫ Debian Linux Version4.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.16%	0.332

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html

Third Party Advisory

Mailing List

http://osvdb.org/35494

Broken Link

http://secunia.com/advisories/25073

Third Party Advisory

http://secunia.com/advisories/25095

Third Party Advisory

http://secunia.com/advisories/27047

Third Party Advisory

http://secunia.com/advisories/27085

Third Party Advisory

http://secunia.com/advisories/27103

Third Party Advisory

http://secunia.com/advisories/27486

Third Party Advisory

http://secunia.com/advisories/29129

Third Party Advisory

http://secunia.com/advisories/30413

Third Party Advisory

http://secunia.com/advisories/33568

Third Party Advisory

http://taviso.decsystem.org/virtsec.pdf

Third Party Advisory

Technical Description

http://www.debian.org/security/2007/dsa-1284

Third Party Advisory

http://www.debian.org/security/2007/dsa-1384

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2007:203

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2008:162

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2007-0323.html

Third Party Advisory

http://www.securityfocus.com/bid/23731

Third Party Advisory

VDB Entry

http://www.vupen.com/english/advisories/2007/1597

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10315

Third Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html

Third Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00706.html

Third Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00935.html

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2007-1320

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-1320

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-1320

EUVD