CVE-2007-5729 (GCVE-0-2007-5729)

Vulnerability from cvelistv5 – Published: 2007-10-30 22:00 – Updated: 2024-08-07 15:39
VLAI
Summary
The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the mtu overflow vulnerability.
Severity
No CVSS data available.
CWE
  • n/a
Assigner
References
URL Tags
http://www.securityfocus.com/bid/23731 vdb-entryx_refsource_BID
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
http://osvdb.org/42986 vdb-entryx_refsource_OSVDB
http://www.debian.org/security/2007/dsa-1284 vendor-advisoryx_refsource_DEBIAN
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://secunia.com/advisories/25073 third-party-advisoryx_refsource_SECUNIA
http://taviso.decsystem.org/virtsec.pdf x_refsource_MISC
http://secunia.com/advisories/27486 third-party-advisoryx_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
http://secunia.com/advisories/33568 third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/1597 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/29129 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/25095 third-party-advisoryx_refsource_SECUNIA
http://www.attrition.org/pipermail/vim/2007-Octob… mailing-listx_refsource_VIM
Date Public
2007-05-01 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:39:13.675Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "23731",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23731"
          },
          {
            "name": "MDKSA-2007:203",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:203"
          },
          {
            "name": "42986",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/42986"
          },
          {
            "name": "DSA-1284",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1284"
          },
          {
            "name": "qemu-ne2000-code-execution(38238)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38238"
          },
          {
            "name": "25073",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25073"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://taviso.decsystem.org/virtsec.pdf"
          },
          {
            "name": "27486",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27486"
          },
          {
            "name": "MDVSA-2008:162",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162"
          },
          {
            "name": "SUSE-SR:2009:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
          },
          {
            "name": "33568",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33568"
          },
          {
            "name": "ADV-2007-1597",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1597"
          },
          {
            "name": "29129",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29129"
          },
          {
            "name": "25095",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25095"
          },
          {
            "name": "20071030 Clarification on old QEMU/NE2000/Xen issues",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-October/001842.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 \"mtu\" heap overflow.  NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of \"NE2000 network driver and the socket code,\" but this is the correct identifier for the mtu overflow vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "23731",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23731"
        },
        {
          "name": "MDKSA-2007:203",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:203"
        },
        {
          "name": "42986",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/42986"
        },
        {
          "name": "DSA-1284",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1284"
        },
        {
          "name": "qemu-ne2000-code-execution(38238)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38238"
        },
        {
          "name": "25073",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25073"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://taviso.decsystem.org/virtsec.pdf"
        },
        {
          "name": "27486",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27486"
        },
        {
          "name": "MDVSA-2008:162",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162"
        },
        {
          "name": "SUSE-SR:2009:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
        },
        {
          "name": "33568",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33568"
        },
        {
          "name": "ADV-2007-1597",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1597"
        },
        {
          "name": "29129",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29129"
        },
        {
          "name": "25095",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25095"
        },
        {
          "name": "20071030 Clarification on old QEMU/NE2000/Xen issues",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-October/001842.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5729",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 \"mtu\" heap overflow.  NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of \"NE2000 network driver and the socket code,\" but this is the correct identifier for the mtu overflow vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "23731",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23731"
            },
            {
              "name": "MDKSA-2007:203",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:203"
            },
            {
              "name": "42986",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/42986"
            },
            {
              "name": "DSA-1284",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1284"
            },
            {
              "name": "qemu-ne2000-code-execution(38238)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38238"
            },
            {
              "name": "25073",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25073"
            },
            {
              "name": "http://taviso.decsystem.org/virtsec.pdf",
              "refsource": "MISC",
              "url": "http://taviso.decsystem.org/virtsec.pdf"
            },
            {
              "name": "27486",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27486"
            },
            {
              "name": "MDVSA-2008:162",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162"
            },
            {
              "name": "SUSE-SR:2009:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
            },
            {
              "name": "33568",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33568"
            },
            {
              "name": "ADV-2007-1597",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1597"
            },
            {
              "name": "29129",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29129"
            },
            {
              "name": "25095",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25095"
            },
            {
              "name": "20071030 Clarification on old QEMU/NE2000/Xen issues",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-October/001842.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5729",
    "datePublished": "2007-10-30T22:00:00.000Z",
    "dateReserved": "2007-10-30T00:00:00.000Z",
    "dateUpdated": "2024-08-07T15:39:13.675Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2007-5729",
      "date": "2026-06-03",
      "epss": "0.00145",
      "percentile": "0.34489"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-5729\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-10-30T22:46:00.000\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 \\\"mtu\\\" heap overflow.  NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of \\\"NE2000 network driver and the socket code,\\\" but this is the correct identifier for the mtu overflow vulnerability.\"},{\"lang\":\"es\",\"value\":\"El emulador NE2000 en QEMU 0.8.2 permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de la escritura de la estructura ethernet con un tama\u00f1o mayor que el MTU en el registro EN0_TCNT, lo cual dispara un desbordamiento de b\u00fafer basado en pila en la libreria slirp, tambi\u00e9n conocida como desbordamiento de pila NE2000 \\\"mtu\\\". NOTA: algunas fuentes han utilizado CVE-2007-1321 para referenciar este asunto como una parte de \\\"el controlado de red NE2000 y el c\u00f3digo de conexi\u00f3n,\\\" pero este es el indentificador correcto para la vulnerabilidad de desbordamiento de mtu.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27650033-1C9F-4175-A26F-D9082A36F079\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F92AB32-E7DE-43F4-B877-1F41FA162EC7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B42AB65-443B-4655-BAEA-4EB4A43D9509\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://osvdb.org/42986\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/25073\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/25095\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27486\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29129\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/33568\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://taviso.decsystem.org/virtsec.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"http://www.attrition.org/pipermail/vim/2007-October/001842.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2007/dsa-1284\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:203\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:162\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/23731\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/1597\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38238\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://osvdb.org/42986\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/25073\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/25095\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27486\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29129\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/33568\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://taviso.decsystem.org/virtsec.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"http://www.attrition.org/pipermail/vim/2007-October/001842.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2007/dsa-1284\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:203\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:162\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/23731\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/1597\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38238\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Not vulnerable. This issue did not affect Xen as shipped with Red Hat Enterprise Linux 5.\",\"lastModified\":\"2007-11-02T00:00:00\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.