CVE-2007-2893

Sažetak

Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that cause TXCNT register values to exceed the device memory size, aka "RX Frame heap overflow."

Reference

http://bugs.gentoo.org/show_bug.cgi?id=188148
http://osvdb.org/36799
http://secunia.com/advisories/25470
http://secunia.com/advisories/26364
http://secunia.com/advisories/27715
http://security.gentoo.org/glsa/glsa-200711-21.xml
http://taviso.decsystem.org/virtsec.pdf
http://www.debian.org/security/2007/dsa-1351
http://www.securityfocus.com/bid/24246
http://www.vupen.com/english/advisories/2007/1936
https://exchange.xforce.ibmcloud.com/vulnerabilities/34508

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

19-05-2020 - 19:56

Objavljeno

30-05-2007 - 01:30