CVE-2007-0948

high

Description

Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and initialization of components."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1259

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-049

http://www.vupen.com/english/advisories/2007/2873

http://www.us-cert.gov/cas/techalerts/TA07-226A.html

http://www.securitytracker.com/id?1018567

http://www.securityfocus.com/bid/25298

http://secunia.com/advisories/26444

Details

Source: Mitre, NVD

Published: 2007-08-14

Updated: 2018-10-12

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.2

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Severity: High