VDB
CVE-2007-5729
CVE-2007-5729
PUBLISHED
CVSS 7.199999809265137 HIGH
The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the mtu overflow vulnerability.
EPSS 0.14% · 34.5th percentile
Risk Scores
CVSS v2.0
7.199999809265137
EPSS Score
0.14%
34.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| qemu | qemu | 0.8.2 |
| debian | debian_linux | 3.1, 4.0 |
| n/a | n/a | n/a |
| opensuse | opensuse | 11.0, 11.1 |
Timeline
- Oct 30, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 1, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 17, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 1, 2023 EPSS Score
References
- 23731 vdb
- MDKSA-2007:203 vendor-advisory
- 42986 vdb
- DSA-1284 vendor-advisory
- qemu-ne2000-code-execution(38238) vdb
- 25073 third-party-advisory
- http://taviso.decsystem.org/virtsec.pdf url
- 27486 third-party-advisory
- MDVSA-2008:162 vendor-advisory
- SUSE-SR:2009:002 vendor-advisory
- 33568 third-party-advisory
- ADV-2007-1597 vdb
- 29129 third-party-advisory
- 25095 third-party-advisory
- 20071030 Clarification on old QEMU/NE2000/Xen issues mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2007-5729 advisory