Vulnerabilities > CVE-2007-2455 - Denial-Of-Service vulnerability in Parallels Desktop for Mac OS X

047910
CVSS 6.1 - MEDIUM
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
low complexity
parallels

Summary

Parallels allows local users to cause a denial of service (virtual machine abort) via (1) certain INT instructions, as demonstrated by INT 0xAA; (2) an IRET instruction when an invalid address is at the top of the stack; (3) a malformed MOVNTI instruction, as demonstrated by using a register as a destination; or a write operation to (4) SEGR6 or (5) SEGR7.

Vulnerable Configurations

Part Description Count
Application
Parallels
1