漏洞信息(CVE-2007-1320)

一、漏洞 CVE-2007-1320 基础信息

漏洞标题

N/A

来源：AIGC 神龙大模型

漏洞描述信息

在Xen 0.8.2版本的Cirrus VGA扩展中，cirrus_invalidate_region函数中的多个堆缓冲区溢出，可能允许本地用户通过与“尝试将不存在的区域标记为 dirty”相关的未定义向量执行任意代码，这被称为“比特blt”堆溢出。

来源：AIGC 神龙大模型

CVSS信息

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

来源：AIGC 神龙大模型

漏洞类别

N/A

来源：AIGC 神龙大模型

漏洞标题

N/A

来源：美国国家漏洞数据库 NVD

漏洞描述信息

Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

漏洞标题

QEMU 'cirrus_invalidate_region()'函数安全漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

QEMU（又名Quick Emulator）是法国程序员法布里斯-贝拉（Fabrice Bellard）所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU中存在多个安全漏洞，具体如下： Cirrus视频驱动的cirrus_invalidate_region()函数中存在堆溢出漏洞。

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

缓冲区错误

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2007-1320 的公开POC

#	POC 描述	源链接	神龙链接

三、漏洞 CVE-2007-1320 的情报信息

http://taviso.decsystem.org/virtsec.pdf x_refsource_MISC
http://secunia.com/advisories/33568 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/25095 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/30413 third-party-advisory x_refsource_SECUNIA
http://osvdb.org/35494 vdb-entry x_refsource_OSVDB
http://secunia.com/advisories/27047 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/29129 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/27103 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/25073 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/27486 third-party-advisory x_refsource_SECUNIA
http://www.securityfocus.com/bid/23731 vdb-entry x_refsource_BID
http://secunia.com/advisories/27085 third-party-advisory x_refsource_SECUNIA
http://www.debian.org/security/2007/dsa-1384 vendor-advisory x_refsource_DEBIAN
http://www.debian.org/security/2007/dsa-1284 vendor-advisory x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2007/1597 vdb-entry x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2007-0323.html vendor-advisory x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 vendor-advisory x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:203 vendor-advisory x_refsource_MANDRIVA
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html vendor-advisory x_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html vendor-advisory x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00935.html vendor-advisory x_refsource_FEDORA
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00706.html vendor-advisory x_refsource_FEDORA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10315 vdb-entry signature x_refsource_OVAL
https://nvd.nist.gov/vuln/detail/CVE-2007-1320

一、 漏洞 CVE-2007-1320 基础信息

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2007-1320 的公开POC

三、漏洞 CVE-2007-1320 的情报信息

一、漏洞 CVE-2007-1320 基础信息