CVE-2007-1320 (CNNVD-200705-036)

HIGH
中文标题:
QEMU 'cirrus_invalidate_region()'函数安全漏洞
英文标题:
Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA exte...
CVSS分数: 7.2
发布时间: 2007-05-02 17:00:00
漏洞类型: 缓冲区错误
状态: PUBLISHED
数据质量分数: 0.30
数据版本: v3
漏洞描述
中文描述:

QEMU(又名Quick Emulator)是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU中存在多个安全漏洞,具体如下: Cirrus视频驱动的cirrus_invalidate_region()函数中存在堆溢出漏洞。

英文描述:

Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.

CWE类型:
CWE-787
标签:
(暂无数据)
受影响产品
厂商 产品 版本 版本范围 平台 CPE
qemu qemu 0.8.2 - - cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*
fedoraproject fedora 8 - - cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*
fedoraproject fedora 9 - - cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*
fedoraproject fedora_core 6 - - cpe:2.3:o:fedoraproject:fedora_core:6:*:*:*:*:*:*:*
opensuse opensuse 11.0 - - cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
opensuse opensuse 11.1 - - cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
debian debian_linux 3.1 - - cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
debian debian_linux 4.0 - - cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
23731 vdb-entry
cve.org
访问
MDKSA-2007:203 vendor-advisory
cve.org
访问
FEDORA-2008-4386 vendor-advisory
cve.org
访问
oval:org.mitre.oval:def:10315 vdb-entry
cve.org
访问
35494 vdb-entry
cve.org
访问
27047 third-party-advisory
cve.org
访问
FEDORA-2008-4604 vendor-advisory
cve.org
访问
DSA-1284 vendor-advisory
cve.org
访问
25073 third-party-advisory
cve.org
访问
无标题 x_refsource_MISC
cve.org
访问
27486 third-party-advisory
cve.org
访问
MDVSA-2008:162 vendor-advisory
cve.org
访问
27085 third-party-advisory
cve.org
访问
SUSE-SR:2009:002 vendor-advisory
cve.org
访问
30413 third-party-advisory
cve.org
访问
33568 third-party-advisory
cve.org
访问
ADV-2007-1597 vdb-entry
cve.org
访问
27103 third-party-advisory
cve.org
访问
29129 third-party-advisory
cve.org
访问
RHSA-2007:0323 vendor-advisory
cve.org
访问
25095 third-party-advisory
cve.org
访问
FEDORA-2007-713 vendor-advisory
cve.org
访问
DSA-1384 vendor-advisory
cve.org
访问
CVSS评分详情
7.2
HIGH
CVSS向量: AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS版本: 2.0
机密性
COMPLETE
完整性
COMPLETE
可用性
COMPLETE
时间信息
发布时间:
2007-05-02 17:00:00
修改时间:
2024-08-07 12:50:35
创建时间:
2025-11-11 15:32:42
更新时间:
2025-11-11 15:49:17
利用信息
暂无可利用代码信息
数据源详情
数据源 记录ID 版本 提取时间
CVE cve_CVE-2007-1320 2025-11-11 15:17:50 2025-11-11 07:32:42
NVD nvd_CVE-2007-1320 2025-11-11 14:52:10 2025-11-11 07:41:28
CNNVD cnnvd_CNNVD-200705-036 2025-11-11 15:08:56 2025-11-11 07:49:17
版本与语言
当前版本: v3
主要语言: EN
支持语言:
EN ZH
安全公告
暂无安全公告信息
变更历史
v3 CNNVD
2025-11-11 15:49:17
vulnerability_type: 未提取 → 缓冲区错误; cnnvd_id: 未提取 → CNNVD-200705-036; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
  • vulnerability_type: 未提取 -> 缓冲区错误
  • cnnvd_id: 未提取 -> CNNVD-200705-036
  • data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2 NVD
2025-11-11 15:41:28
severity: SeverityLevel.MEDIUM → SeverityLevel.HIGH; cvss_score: 未提取 → 7.2; cvss_vector: NOT_EXTRACTED → AV:L/AC:L/Au:N/C:C/I:C/A:C; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 8; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
  • severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
  • cvss_score: 未提取 -> 7.2
  • cvss_vector: NOT_EXTRACTED -> AV:L/AC:L/Au:N/C:C/I:C/A:C
  • cvss_version: NOT_EXTRACTED -> 2.0
  • affected_products_count: 0 -> 8
  • data_sources: ['cve'] -> ['cve', 'nvd']