Secunia
Login
|
|
CVE Reference: CVE-2007-1321 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-1321 |
|
|
Description: Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled "NE2000 network driver and the socket code," but separate identifiers have been created for the individual vulnerabilities since there are sometimes different fixes; see CVE-2007-5729 and CVE-2007-5730. |
|
|
CVE Status: Candidate |
|
|
References: VIM http://www.attrition.org/pipermail/vim/2007-October/001842.html ST 1018761 SAID Secunia Advisory: SA27072 Secunia Advisory: SA27103 Secunia Advisory: SA27486 Secunia Advisory: SA25073 Secunia Advisory: SA25095 Secunia Advisory: SA27047 Secunia Advisory: SA29129 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0323.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9302 OSVDB 35495 MISC http://taviso.decsystem.org/virtsec.pdf MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 http://www.mandriva.com/security/advisories?name=MDKSA-2007:203 FEDORA DEBIAN http://www.debian.org/security/2007/dsa-1284 BID 23731 |
|
| Return to the previous page. |
