Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2007-0948 | First vendor Publication | 2007-08-14 |
Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and initialization of components." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0948 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:1259 | |||
Oval ID: | oval:org.mitre.oval:def:1259 | ||
Title: | Virtual PC and Virtual Server Heap Overflow Vulnerability | ||
Description: | Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and initialization of components." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-0948 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 | Product(s): | Microsoft Virtual Server 2005 Microsoft Virtual PC 2004 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 | |
Application | 2 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
36389 | Microsoft Virtual PC Guest Administrator Unspecified Local Privilege Escalation |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2007-08-16 | IAVM : 2007-T-0031 - Microsoft Virtual PC and Virtual Server Elevation of Privilege Vulnerability Severity : Category II - VMSKEY : V0014835 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-08-16 | Name : A user can elevate his privileges on the virtual system. File : smb_nt_ms07-049.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:05:23 |
|
2021-04-22 01:05:56 |
|
2020-05-23 00:19:18 |
|
2018-10-13 00:22:36 |
|
2017-10-11 09:23:51 |
|
2016-04-26 15:46:24 |
|
2014-02-17 10:39:09 |
|
2013-11-11 12:37:40 |
|
2013-05-11 10:19:22 |
|