Vulnerabilities > Microsoft > Virtual PC > 2004

DATE CVE VULNERABILITY TITLE RISK
2009-07-15 CVE-2009-1542 Permissions, Privileges, and Access Controls vulnerability in Microsoft Virtual PC and Virtual Server
The Virtual Machine Monitor (VMM) in Microsoft Virtual PC 2004 SP1, 2007, and 2007 SP1, and Microsoft Virtual Server 2005 R2 SP1, does not enforce CPU privilege-level requirements for all machine instructions, which allows guest OS users to execute arbitrary kernel-mode code and gain privileges within the guest OS via a crafted application, aka "Virtual PC and Virtual Server Privileged Instruction Decoding Vulnerability."
network
low complexity
microsoft CWE-264
critical
9.0
2007-08-14 CVE-2007-0948 Heap Overflow vulnerability in Microsoft Virtual PC and Virtual Server
Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and initialization of components."
network
microsoft
critical
9.3