CVE-2007-2454: Buffer Overflow
First published: Wed May 02 2007(Updated: )
Heap-based buffer overflow in the VGA device in Parallels allows local users, with root access to the guest operating system, to terminate the virtual machine and possibly execute arbitrary code in the host operating system via unspecified vectors related to bitblt operations.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Parallels Desktop |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2007-2454?
CVE-2007-2454 is considered a high-severity vulnerability due to its potential to allow arbitrary code execution on the host operating system.
How can I mitigate CVE-2007-2454?
To mitigate CVE-2007-2454, it is recommended to update Parallels Desktop to the latest version that addresses this vulnerability.
Who is affected by CVE-2007-2454?
CVE-2007-2454 affects users of Parallels Desktop for Mac who have local root access to the guest operating system.
What can happen if CVE-2007-2454 is exploited?
If exploited, CVE-2007-2454 can lead to the termination of the virtual machine and may allow an attacker to execute arbitrary code on the host system.
When was CVE-2007-2454 published?
CVE-2007-2454 was published on May 9, 2007.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/parallels
- canonical/parallels desktop