NVD

Id
55053  
Name
CVE-2007-2893  
Description
Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that cause TXCNT register values to exceed the device memory size, aka "RX Frame heap overflow."  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-05-29  
Modified Date
2012-10-30  
Seq
2007-2893  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
279703 55053 CVE-2007-2893 http://bugs.gentoo.org/show_bug.cgi?id=188148  View
279704 55053 CVE-2007-2893 GLSA-200711-21  View
279705 55053 CVE-2007-2893 http://taviso.decsystem.org/virtsec.pdf  View
279706 55053 CVE-2007-2893 DSA-1351  View
279707 55053 CVE-2007-2893 24246  View
279708 55053 CVE-2007-2893 ADV-2007-1936  View
279709 55053 CVE-2007-2893 bochs-ne2000-bo(34508)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
53399 JVNDB-2007-002091 Bochs NE2000 エミュレータデバイスの bx_ne2k_c::rx_frame 関数におけるヒープベースのバッファオーバーフローの脆弱性 Bochs の NE2000 エミュレータデバイスの iodev/ne2k.cc の bx_ne2k_c::rx_frame 関数は、デバイスメモリサイズを超過する TXCNT レジスタの値が発生するため、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2007-2893 26248 CVE-2007-2893 55053 7.2 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002091.html 2007-05-29 2012-06-26 View