{"api_version":"1","generated_at":"2026-04-22T17:45:26+00:00","cve":"CVE-2007-1320","urls":{"html":"https://cve.report/CVE-2007-1320","api":"https://cve.report/api/cve/CVE-2007-1320.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-1320","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-1320"},"summary":{"title":"CVE-2007-1320","description":"Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to \"attempting to mark non-existent regions as dirty,\" aka the \"bitblt\" heap overflow.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2007-05-02 17:19:00","updated_at":"2020-12-15 23:52:00"},"problem_types":["CWE-787"],"metrics":[],"references":[{"url":"http://secunia.com/advisories/30413","name":"30413","refsource":"SECUNIA","tags":["Third Party Advisory"],"title":"Fedora update for kvm - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://taviso.decsystem.org/virtsec.pdf","name":"http://taviso.decsystem.org/virtsec.pdf","refsource":"MISC","tags":["Technical Description","Third Party Advisory"],"title":"","mime":"application/pdf","httpstatus":"200","archivestatus":"403"},{"url":"http://www.redhat.com/support/errata/RHSA-2007-0323.html","name":"RHSA-2007:0323","refsource":"REDHAT","tags":["Third Party Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html","name":"FEDORA-2007-713","refsource":"FEDORA","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora Core 6 Update: xen-3.0.3-12.fc6","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/33568","name":"33568","refsource":"SECUNIA","tags":["Third Party Advisory"],"title":"SUSE Update for Multiple Packages - Secunia Advisories - Vulnerability Intelligence - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/35494","name":"35494","refsource":"OSVDB","tags":["Broken Link"],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html","name":"SUSE-SR:2009:002","refsource":"SUSE","tags":["Mailing List","Third Party Advisory"],"title":"[security-announce] SUSE Security Summary Report: SUSE-SR:2009:002","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00935.html","name":"FEDORA-2008-4604","refsource":"FEDORA","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 8 Update: kvm-60-6.fc8","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2007/dsa-1384","name":"DSA-1384","refsource":"DEBIAN","tags":["Third Party Advisory"],"title":"Debian -- Security Information -- DSA-1384-1 xen-utils","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/25095","name":"25095","refsource":"SECUNIA","tags":["Third Party Advisory"],"title":"Debian update for qemu - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/29129","name":"29129","refsource":"SECUNIA","tags":["Third Party Advisory"],"title":"KVM Multiple Vulnerabilities - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:162","name":"MDVSA-2008:162","refsource":"MANDRIVA","tags":["Third Party Advisory"],"title":"Support / Security / Advisories /  / MDVSA-2008:162 | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/25073","name":"25073","refsource":"SECUNIA","tags":["Third Party Advisory"],"title":"QEMU Various Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27047","name":"27047","refsource":"SECUNIA","tags":["Third Party Advisory"],"title":"Red Hat update for xen - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27085","name":"27085","refsource":"SECUNIA","tags":["Third Party Advisory"],"title":"Debian update for xen-utils - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2007/dsa-1284","name":"DSA-1284","refsource":"DEBIAN","tags":["Third Party Advisory"],"title":"Debian -- Security Information -- DSA-1284-1 qemu","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.vupen.com/english/advisories/2007/1597","name":"ADV-2007-1597","refsource":"VUPEN","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/23731","name":"23731","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"QEMU Multiple Local Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10315","name":"oval:org.mitre.oval:def:10315","refsource":"OVAL","tags":["Third Party Advisory"],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27486","name":"27486","refsource":"SECUNIA","tags":["Third Party Advisory"],"title":"Mandriva update for xen - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00706.html","name":"FEDORA-2008-4386","refsource":"FEDORA","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 9 Update: kvm-65-7.fc9","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27103","name":"27103","refsource":"SECUNIA","tags":["Third Party Advisory"],"title":"Fedora update for xen - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:203","name":"MDKSA-2007:203","refsource":"MANDRIVA","tags":["Third Party Advisory"],"title":"Support / Security / Advisories /  / MDKSA-2007:203 | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-1320","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1320","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora_core","cpe6":"6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora_core","cpe6":"6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"opensuse","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"opensuse","cpe6":"11.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"opensuse","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"opensuse","cpe6":"11.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qemu","cpe5":"qemu","cpe6":"0.8.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qemu","cpe5":"qemu","cpe6":"0.8.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"xen","cpe5":"xen","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1320","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"xen","cpe5":"xen","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-1320","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to \"attempting to mark non-existent regions as dirty,\" aka the \"bitblt\" heap overflow."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"23731","refsource":"BID","url":"http://www.securityfocus.com/bid/23731"},{"name":"MDKSA-2007:203","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:203"},{"name":"FEDORA-2008-4386","refsource":"FEDORA","url":"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00706.html"},{"name":"oval:org.mitre.oval:def:10315","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10315"},{"name":"35494","refsource":"OSVDB","url":"http://osvdb.org/35494"},{"name":"27047","refsource":"SECUNIA","url":"http://secunia.com/advisories/27047"},{"name":"FEDORA-2008-4604","refsource":"FEDORA","url":"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00935.html"},{"name":"DSA-1284","refsource":"DEBIAN","url":"http://www.debian.org/security/2007/dsa-1284"},{"name":"25073","refsource":"SECUNIA","url":"http://secunia.com/advisories/25073"},{"name":"http://taviso.decsystem.org/virtsec.pdf","refsource":"MISC","url":"http://taviso.decsystem.org/virtsec.pdf"},{"name":"27486","refsource":"SECUNIA","url":"http://secunia.com/advisories/27486"},{"name":"MDVSA-2008:162","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:162"},{"name":"27085","refsource":"SECUNIA","url":"http://secunia.com/advisories/27085"},{"name":"SUSE-SR:2009:002","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"},{"name":"30413","refsource":"SECUNIA","url":"http://secunia.com/advisories/30413"},{"name":"33568","refsource":"SECUNIA","url":"http://secunia.com/advisories/33568"},{"name":"ADV-2007-1597","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/1597"},{"name":"27103","refsource":"SECUNIA","url":"http://secunia.com/advisories/27103"},{"name":"29129","refsource":"SECUNIA","url":"http://secunia.com/advisories/29129"},{"name":"RHSA-2007:0323","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2007-0323.html"},{"name":"25095","refsource":"SECUNIA","url":"http://secunia.com/advisories/25095"},{"name":"FEDORA-2007-713","refsource":"FEDORA","url":"https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html"},{"name":"DSA-1384","refsource":"DEBIAN","url":"http://www.debian.org/security/2007/dsa-1384"}]}},"nvd":{"publishedDate":"2007-05-02 17:19:00","lastModifiedDate":"2020-12-15 23:52:00","problem_types":["CWE-787"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":7.2},"severity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora_core:6:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"1320","Ordinal":"23859","Title":"CVE-2007-1320","CVE":"CVE-2007-1320","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"1320","Ordinal":"1","NoteData":"Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to \"attempting to mark non-existent regions as dirty,\" aka the \"bitblt\" heap overflow.","Type":"Description","Title":null},{"CveYear":"2007","CveId":"1320","Ordinal":"2","NoteData":"2007-05-02","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"1320","Ordinal":"3","NoteData":"2017-10-09","Type":"Other","Title":"Modified"}]}}}