CVE-2007-2893

N/A Unknown
Published: May 30, 2007 Modified: April 23, 2026
View on NVD

Description

Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that cause TXCNT register values to exceed the device memory size, aka "RX Frame heap overflow."

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=188148
Source: cve@mitre.org
Third Party Advisory
http://osvdb.org/36799
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/25470
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/26364
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/27715
Source: cve@mitre.org
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200711-21.xml
Source: cve@mitre.org
Third Party Advisory
http://taviso.decsystem.org/virtsec.pdf
Source: cve@mitre.org
Third Party Advisory
http://www.debian.org/security/2007/dsa-1351
Source: cve@mitre.org
Third Party Advisory
http://www.securityfocus.com/bid/24246
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2007/1936
Source: cve@mitre.org
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/34508
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://bugs.gentoo.org/show_bug.cgi?id=188148
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://osvdb.org/36799
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/25470
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/26364
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27715
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200711-21.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://taviso.decsystem.org/virtsec.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2007/dsa-1351
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/24246
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2007/1936
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/34508
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry

22 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.1%
18th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

bochs_project

Related CVEs

CVE-2026-46719 N/A
CVE-2025-4202 4.3
CVE-2026-8657 8.2
CVE-2026-8656 6.1
CVE-2026-8681 5.3