Home > Vulnerability Database > CVE-2007-1321

Mend.io Vulnerability Database

CVE-2007-1321

Date: October 30, 2007

Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled "NE2000 network driver and the socket code," but separate identifiers have been created for the individual vulnerabilities since there are sometimes different fixes; see CVE-2007-5729 and CVE-2007-5730.

Severity Score

7.5

Related Resources (25)

Url: http://www.securityfocus.com/bid/23731

Url: http://taviso.decsystem.org/virtsec.pdf

Url: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.html

Url: http://www.attrition.org/pipermail/vim/2007-October/001842.html

Url: http://secunia.com/advisories/27072

Url: https://access.redhat.com/security/cve/CVE-2007-1321

Url: http://secunia.com/advisories/25073

Url: http://secunia.com/advisories/25095

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2007-1321

Url: http://www.vupen.com/english/advisories/2007/1597

Url: http://osvdb.org/35495

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9302

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2007:203

Url: http://www.debian.org/security/2007/dsa-1284

Url: http://www.redhat.com/support/errata/RHSA-2007-0323.html

Url: https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00030.html

Url: http://securitytracker.com/id?1018761

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2008:162

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-1321

Url: http://secunia.com/advisories/27103

Url: http://secunia.com/advisories/27047

Url: http://secunia.com/advisories/29129

Url: https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html

Url: http://secunia.com/advisories/27486

Url: https://www.mend.io/vulnerability-database/CVE-2007-1321

Severity Score

7.5

CVSS v3

Base Score:	7.5
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL

CVSS v2

Base Score:	7.3
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2007-1321

Date: October 30, 2007

Severity Score

Related Resources (25)

Severity Score

CVSS v3

CVSS v2

Do you need more information?