CVE-2004-0115

The CVE-2004-0115 issue affects Microsoft Virtual PC for Mac 6.0–6.1. The setuid VirtualPC_Services creates a temporary log file (/tmp/VPCServices_Log) without proper checks, enabling a local attacker with valid logon to create a symlink that leads to truncation/overwriting of arbitrary files and...

CVE-2009-1542

The CVE-2009-1542 issue is a privilege-escalation vulnerability in the Virtual Machine Monitor (VMM) of Microsoft Virtual PC 2004 SP1, Virtual PC 2007 (including SP1), and Virtual Server 2005 R2 SP1. The VMM fails to enforce CPU privilege-level requirements for specific machine instructions, pote...

CVE-2010-1225

The CVE-2010-1225 issue affects Microsoft Virtual PC 2007 Gold/SP1, Virtual Server 2005 Gold/R2 SP1, and Windows Virtual PC. The root cause is a memory-management flaw where the VMM work-area memory is not properly protected from guest access, allowing context-dependent attackers to bypass some g...

CVE-2007-0948

The CVE-2007-0948 issue is a heap overflow vulnerability in Microsoft Virtual PC 2004, PC for Mac 7.1/7, and Virtual Server 2005/2005 R2. A guest OS administrator could cause a heap overflow that allows code execution on the host or other guests, elevating privileges. Exploitation requires admini...