Package: bochs Severity: important Tags: security A security bug has been disclosed in bochs:
| Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in | iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local | users of the guest operating system to write to arbitrary memory | locations and gain privileges on the host operating system via vectors | that cause TXCNT register values to exceed the device memory size, aka | "RX Frame heap overflow." <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2893> Please mention the name CVE-2007-2893 in the changelog when fixing this bug. There is another issue, CVE-2007-2894, which seems to be rather harmless to me. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
