Vulnerability Description
Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and initialization of components."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Virtual Pc | 6.1 |
| Microsoft | Virtual Server | 2005 |
References
- http://secunia.com/advisories/26444Vendor Advisory
- http://www.securityfocus.com/bid/25298Patch
- http://www.securitytracker.com/id?1018567
- http://www.us-cert.gov/cas/techalerts/TA07-226A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2007/2873
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-04
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://secunia.com/advisories/26444Vendor Advisory
- http://www.securityfocus.com/bid/25298Patch
- http://www.securitytracker.com/id?1018567
- http://www.us-cert.gov/cas/techalerts/TA07-226A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2007/2873
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-04
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2007-0948?
CVE-2007-0948 is a vulnerability with a CVSS score of 9.3 (HIGH). Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via...
How severe is CVE-2007-0948?
CVE-2007-0948 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0948?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Virtual Pc, Microsoft Virtual Server.