Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2007-5730

Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the individual net socket listen vulnerability.

Published

2007-10-30T22:46:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.2 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	qemu	qemu	0.8.2	Yes
Operating System	xen	xen	*	No
Operating System	debian	debian_linux	3.1	Yes
Operating System	debian	debian_linux	4.0	Yes

References

http://osvdb.org/42985 Broken Link ([email protected])
http://secunia.com/advisories/25073 Third Party Advisory, Vendor Advisory ([email protected])
http://secunia.com/advisories/25095 Third Party Advisory ([email protected])
http://secunia.com/advisories/27486 Third Party Advisory ([email protected])
http://secunia.com/advisories/29129 Third Party Advisory ([email protected])
http://secunia.com/advisories/29963 Third Party Advisory ([email protected])
http://taviso.decsystem.org/virtsec.pdf Technical Description, Third Party Advisory ([email protected])
http://www.attrition.org/pipermail/vim/2007-October/001842.html Third Party Advisory ([email protected])
http://www.debian.org/security/2007/dsa-1284 Third Party Advisory ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2007:203 Third Party Advisory ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 Third Party Advisory ([email protected])
http://www.redhat.com/support/errata/RHSA-2008-0194.html Third Party Advisory ([email protected])
http://www.securityfocus.com/bid/23731 Third Party Advisory, VDB Entry ([email protected])
http://www.vupen.com/english/advisories/2007/1597 Third Party Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/38239 Third Party Advisory, VDB Entry ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10000 Third Party Advisory ([email protected])
http://osvdb.org/42985 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/25073 Third Party Advisory, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/25095 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/27486 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29129 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29963 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://taviso.decsystem.org/virtsec.pdf Technical Description, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.attrition.org/pipermail/vim/2007-October/001842.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2007/dsa-1284 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2007:203 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2008-0194.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/23731 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/1597 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38239 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10000 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)