Unrated severityNVD Advisory· Published Aug 14, 2007· Updated Apr 23, 2026

CVE-2007-0948

Description

Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and initialization of components."

Affected products

Microsoft/Virtual Pc3 versions
cpe:2.3:a:microsoft:virtual_pc:2004:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:virtual_pc:2004:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:virtual_pc:6.1:*:mac:*:*:*:*:*
- cpe:2.3:a:microsoft:virtual_pc:7:*:mac:*:*:*:*:*
Microsoft/Virtual Server2 versions
cpe:2.3:a:microsoft:virtual_server:2005:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:virtual_server:2005:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:virtual_server:2005:r2:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/25298nvdPatch
secunia.com/advisories/26444nvdVendor Advisory
www.us-cert.gov/cas/techalerts/TA07-226A.htmlnvdUS Government Resource
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2007/2873nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-049nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1259nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.046
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000