Lucene search

[email protected]CVE-2007-1220

HistoryMar 02, 2007 - 10:19 p.m.

CVE-2007-1220

2007-03-0222:19:00

[email protected]

web.nvd.nist.gov

microsoft

xbox 360

hypervisor

code-signing

physical access

kernel

nvd

cve-2007-1220

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.7%

JSON

The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 does not properly verify the parameters passed to the syscall dispatcher, which allows attackers with physical access to bypass code-signing requirements and execute arbitrary code.

Affected configurations

NVD

Node

microsoftxbox_360Match4532

microsoftxbox_360Match4548

AND

microsoftxbox_360

CPENameOperatorVersion
microsoft:xbox_360microsoft xbox 360eq4532
microsoft:xbox_360microsoft xbox 360eq4548

CPE	Name	Operator	Version
microsoft:xbox_360	microsoft xbox 360	eq	4532
microsoft:xbox_360	microsoft xbox 360	eq	4548

References

securityreason.com/securityalert/2367

www.securityfocus.com/archive/1/461489/100/0/threaded

www.securityfocus.com/bid/22745

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.7%

JSON

Related for CVE-2007-1220

prion1 cvelist1 nvd1 securityvulns1