Unrated severityNVD Advisory· Published May 30, 2007· Updated Apr 23, 2026
CVE-2007-2893
CVE-2007-2893
Description
Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that cause TXCNT register values to exceed the device memory size, aka "RX Frame heap overflow."
Affected products
1- cpe:2.3:a:bochs_project:bochs:2.3:-:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- bugs.gentoo.org/show_bug.cginvdThird Party Advisory
- secunia.com/advisories/25470nvdThird Party Advisory
- secunia.com/advisories/26364nvdThird Party Advisory
- secunia.com/advisories/27715nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-200711-21.xmlnvdThird Party Advisory
- taviso.decsystem.org/virtsec.pdfnvdThird Party Advisory
- www.debian.org/security/2007/dsa-1351nvdThird Party Advisory
- www.securityfocus.com/bid/24246nvdThird Party AdvisoryVDB Entry
- www.vupen.com/english/advisories/2007/1936nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/34508nvdThird Party AdvisoryVDB Entry
- osvdb.org/36799nvdBroken Link
News mentions
0No linked articles in our index yet.