Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
21 Nov 2024, 00:28
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html - Mailing List, Third Party Advisory | |
References | () http://osvdb.org/35494 - Broken Link | |
References | () http://secunia.com/advisories/25073 - Third Party Advisory | |
References | () http://secunia.com/advisories/25095 - Third Party Advisory | |
References | () http://secunia.com/advisories/27047 - Third Party Advisory | |
References | () http://secunia.com/advisories/27085 - Third Party Advisory | |
References | () http://secunia.com/advisories/27103 - Third Party Advisory | |
References | () http://secunia.com/advisories/27486 - Third Party Advisory | |
References | () http://secunia.com/advisories/29129 - Third Party Advisory | |
References | () http://secunia.com/advisories/30413 - Third Party Advisory | |
References | () http://secunia.com/advisories/33568 - Third Party Advisory | |
References | () http://taviso.decsystem.org/virtsec.pdf - Technical Description, Third Party Advisory | |
References | () http://www.debian.org/security/2007/dsa-1284 - Third Party Advisory | |
References | () http://www.debian.org/security/2007/dsa-1384 - Third Party Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:203 - Third Party Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 - Third Party Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2007-0323.html - Third Party Advisory | |
References | () http://www.securityfocus.com/bid/23731 - Third Party Advisory, VDB Entry | |
References | () http://www.vupen.com/english/advisories/2007/1597 - Third Party Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10315 - Third Party Advisory | |
References | () https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html - Third Party Advisory | |
References | () https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00706.html - Third Party Advisory | |
References | () https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00935.html - Third Party Advisory |
Information
Published : 2007-05-02 17:19
Updated : 2024-11-21 00:28
NVD link : CVE-2007-1320
Mitre link : CVE-2007-1320
CVE.ORG link : CVE-2007-1320
JSON object : View
Products Affected
opensuse
- opensuse
fedoraproject
- fedora
- fedora_core
debian
- debian_linux
xen
- xen
qemu
- qemu
CWE
CWE-787
Out-of-bounds Write