ID |
CVE-2007-2454
|
Summary |
Heap-based buffer overflow in the VGA device in Parallels allows local users, with root access to the guest operating system, to terminate the virtual machine and possibly execute arbitrary code in the host operating system via unspecified vectors related to bitblt operations. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 6.8 (as of 15-11-2008 - 06:48) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
SINGLE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:L/AC:L/Au:S/C:C/I:C/A:C
|
refmap
via4
|
|
Last major update |
15-11-2008 - 06:48 |
Published |
02-05-2007 - 17:19 |
Last modified |
15-11-2008 - 06:48 |