QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-1321

Back to search

CVE-2007-1321

Published: Oct 30, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled "NE2000 network driver and the socket code," but separate identifiers have been created for the individual vulnerabilities since there are sometimes different fixes; see CVE-2007-5729 and CVE-2007-5730.

VendorProductVersions

n/a

n/a

affected
n/a

References

23731
vdb-entry
x_refsource_BID
MDKSA-2007:203
vendor-advisory
x_refsource_MANDRIVA
FEDORA-2007-2270
vendor-advisory
x_refsource_FEDORA
27047
third-party-advisory
x_refsource_SECUNIA
DSA-1284
vendor-advisory
x_refsource_DEBIAN
1018761
vdb-entry
x_refsource_SECTRACK
25073
third-party-advisory
x_refsource_SECUNIA
27486
third-party-advisory
x_refsource_SECUNIA
MDVSA-2008:162
vendor-advisory
x_refsource_MANDRIVA
35495
vdb-entry
x_refsource_OSVDB
ADV-2007-1597
vdb-entry
x_refsource_VUPEN
FEDORA-2007-2708
vendor-advisory
x_refsource_FEDORA
27103
third-party-advisory
x_refsource_SECUNIA
29129
third-party-advisory
x_refsource_SECUNIA
RHSA-2007:0323
vendor-advisory
x_refsource_REDHAT
25095
third-party-advisory
x_refsource_SECUNIA
27072
third-party-advisory
x_refsource_SECUNIA
FEDORA-2007-713
vendor-advisory
x_refsource_FEDORA
oval:org.mitre.oval:def:9302
vdb-entry
signature
x_refsource_OVAL

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now