Vulnerabilities > Microsoft > Virtual PC > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-04-01 | CVE-2010-1225 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Virtual PC, Virtual Server and Windows Virtual PC The memory-management implementation in the Virtual Machine Monitor (aka VMM or hypervisor) in Microsoft Virtual PC 2007 Gold and SP1, Virtual Server 2005 Gold and R2 SP1, and Windows Virtual PC does not properly restrict access from the guest OS to memory locations in the VMM work area, which allows context-dependent attackers to bypass certain anti-exploitation protection mechanisms on the guest OS via crafted input to a vulnerable application. | 9.3 |
2009-07-15 | CVE-2009-1542 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Virtual PC and Virtual Server The Virtual Machine Monitor (VMM) in Microsoft Virtual PC 2004 SP1, 2007, and 2007 SP1, and Microsoft Virtual Server 2005 R2 SP1, does not enforce CPU privilege-level requirements for all machine instructions, which allows guest OS users to execute arbitrary kernel-mode code and gain privileges within the guest OS via a crafted application, aka "Virtual PC and Virtual Server Privileged Instruction Decoding Vulnerability." | 9.0 |
2007-08-14 | CVE-2007-0948 | Heap Overflow vulnerability in Microsoft Virtual PC and Virtual Server Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and initialization of components." | 9.3 |