CVE-2007-1320 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-1320
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-1320

Description: Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.

CVE Status: Candidate

References: SUSE http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html SAID Secunia Advisory: SA27486 Secunia Advisory: SA27103 Secunia Advisory: SA25095 Secunia Advisory: SA27085 Secunia Advisory: SA25073 Secunia Advisory: SA27047 Secunia Advisory: SA30413 Secunia Advisory: SA29129 Secunia Advisory: SA33568 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0323.html MISC http://taviso.decsystem.org/virtsec.pdf MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:203 http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 FEDORA DEBIAN http://www.debian.org/security/2007/dsa-1384 http://www.debian.org/security/2007/dsa-1284 BID 23731

Return to the previous page.