Vulnerability Description
Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qemu | Qemu | 0.8.2 |
| Xen | Xen | - |
| Fedoraproject | Fedora | 8 |
| Fedoraproject | Fedora Core | 6 |
| Opensuse | Opensuse | 11.0 |
| Debian | Debian Linux | 3.1 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.htmlMailing ListThird Party Advisory
- http://osvdb.org/35494Broken Link
- http://secunia.com/advisories/25073Third Party Advisory
- http://secunia.com/advisories/25095Third Party Advisory
- http://secunia.com/advisories/27047Third Party Advisory
- http://secunia.com/advisories/27085Third Party Advisory
- http://secunia.com/advisories/27103Third Party Advisory
- http://secunia.com/advisories/27486Third Party Advisory
- http://secunia.com/advisories/29129Third Party Advisory
- http://secunia.com/advisories/30413Third Party Advisory
- http://secunia.com/advisories/33568Third Party Advisory
- http://taviso.decsystem.org/virtsec.pdfTechnical DescriptionThird Party Advisory
- http://www.debian.org/security/2007/dsa-1284Third Party Advisory
- http://www.debian.org/security/2007/dsa-1384Third Party Advisory
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:203Third Party Advisory
FAQ
What is CVE-2007-1320?
CVE-2007-1320 is a vulnerability with a CVSS score of 7.2 (HIGH). Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute ...
How severe is CVE-2007-1320?
CVE-2007-1320 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1320?
Check the references section above for vendor advisories and patch information. Affected products include: Qemu Qemu, Xen Xen, Fedoraproject Fedora, Fedoraproject Fedora Core, Opensuse Opensuse.