Vulnerability Details CVE-2007-2454
Heap-based buffer overflow in the VGA device in Parallels allows local users, with root access to the guest operating system, to terminate the virtual machine and possibly execute arbitrary code in the host operating system via unspecified vectors related to bitblt operations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.5%
CVSS Severity
CVSS v2 Score 6.8
References
Products affected by CVE-2007-2454
-
cpe:2.3:a:parallels:parallels_desktop:14.0.0
-
cpe:2.3:a:parallels:parallels_desktop:14.0.1
-
cpe:2.3:a:parallels:parallels_desktop:14.1.0
-
cpe:2.3:a:parallels:parallels_desktop:14.1.1
-
cpe:2.3:a:parallels:parallels_desktop:14.1.2
-
cpe:2.3:a:parallels:parallels_desktop:14.1.3
-
cpe:2.3:a:parallels:parallels_desktop:15.0.0
-
cpe:2.3:a:parallels:parallels_desktop:15.1.0
-
cpe:2.3:a:parallels:parallels_desktop:15.1.1
-
cpe:2.3:a:parallels:parallels_desktop:15.1.2
-
cpe:2.3:a:parallels:parallels_desktop:15.1.3
-
cpe:2.3:a:parallels:parallels_desktop:15.1.4
-
cpe:2.3:a:parallels:parallels_desktop:15.1.4-47270
-
cpe:2.3:a:parallels:parallels_desktop:15.1.5-47309
-
cpe:2.3:a:parallels:parallels_desktop:16.0.0
-
cpe:2.3:a:parallels:parallels_desktop:16.0.1
-
cpe:2.3:a:parallels:parallels_desktop:16.1.0
-
cpe:2.3:a:parallels:parallels_desktop:16.1.0-48950
-
cpe:2.3:a:parallels:parallels_desktop:16.1.1
-
cpe:2.3:a:parallels:parallels_desktop:16.1.1-49141
-
cpe:2.3:a:parallels:parallels_desktop:16.1.2
-
cpe:2.3:a:parallels:parallels_desktop:16.1.2-49151
-
cpe:2.3:a:parallels:parallels_desktop:16.1.3
-
cpe:2.3:a:parallels:parallels_desktop:16.5.0
-
cpe:2.3:a:parallels:parallels_desktop:16.5.0_(49183)
-
cpe:2.3:a:parallels:parallels_desktop:16.5.1
-
cpe:2.3:a:parallels:parallels_desktop:16.5.1_(49187)
-
cpe:2.3:a:parallels:parallels_desktop:17.1.1
-
cpe:2.3:a:parallels:parallels_desktop:17.1.1_(51537)