7.2

CVE-2007-1321

EPSS 0.04%
Veröffentlicht 30.10.2007 22:46:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled "NE2000 network driver and the socket code," but separate identifiers have been created for the individual vulnerabilities since there are sometimes different fixes; see CVE-2007-5729 and CVE-2007-5730.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 24

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qemu ≫ Qemu Version0.8.2

Xen ≫ Xen Version-

Fedoraproject ≫ Fedora Version7

Fedoraproject ≫ Fedora Core Version6

Debian ≫ Debian Linux Version3.1

Debian ≫ Debian Linux Version4.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.114

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://secunia.com/advisories/25073

Third Party Advisory

http://secunia.com/advisories/25095

Third Party Advisory

http://secunia.com/advisories/27047

Third Party Advisory

http://secunia.com/advisories/27103

Third Party Advisory

http://secunia.com/advisories/27486

Third Party Advisory

http://secunia.com/advisories/29129

Third Party Advisory

http://taviso.decsystem.org/virtsec.pdf

Third Party Advisory

Technical Description

http://www.debian.org/security/2007/dsa-1284

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2007:203

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2008:162

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2007-0323.html

Third Party Advisory

http://www.securityfocus.com/bid/23731

Third Party Advisory

VDB Entry

http://www.vupen.com/english/advisories/2007/1597

Third Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html

Third Party Advisory

http://secunia.com/advisories/27072

Third Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.html

Third Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00030.html

Third Party Advisory

http://osvdb.org/35495

Broken Link

http://securitytracker.com/id?1018761

Third Party Advisory

VDB Entry

http://www.attrition.org/pipermail/vim/2007-October/001842.html

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9302

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2007-1321

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-1321

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-1321

EUVD