CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2007-5730 – QEMU Buffer overflow via crafted "net socket listen" option
https://notcve.org/view.php?id=CVE-2007-5730
30 Oct 2007 — Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the individual net socket listen vulnerability. Un desbordamiento de búfer en la región heap de la memoria en QEMU versión 0.8.2, c... • http://osvdb.org/42985 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2007-1320 – xen/qemu Cirrus LGD-54XX "bitblt" Heap Overflow
https://notcve.org/view.php?id=CVE-2007-1320
02 May 2007 — Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow. Múltiples desbordamientos de búfer en la región heap de la memoria en la función cirrus_invalidate_region en la extensión Cirrus VGA en QEMU versión 0.8.2, como es usado en Xen y... • http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 1%CPEs: 7EXPL: 0CVE-2007-0998 – HVM guest VNC server allows compromise of entire host OS by any VNC console user
https://notcve.org/view.php?id=CVE-2007-0998
20 Mar 2007 — The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information. La implementación del servidor VNC en QEMU, como es usada por Xen y posiblemente otros entornos, permite a usuarios locales de un sistema operativo ... • http://fedoranews.org/cms/node/2802 • CWE-264: Permissions, Privileges, and Access Controls •