OSVDB ID: 86790

Title: Microsoft Virtual PC 2007 Crafted x86 Instruction Sequence Handling Local DoS

Info

Disclosure

Oct 25, 2012

Discovery

Unknown

Dates

Exploit

Oct 25, 2012

Solution

Unknown

Description

Microsoft Virtual PC 2007 contains a flaw that may allow a local denial of service. The issue is triggered when an error occurs during the handling of a specially crafted x86 instruction sequence (\x0F\xC7\xC8\x05\x00), and will result in loss of availability for the virtual machine.

Classification

Location: Local Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Solution Unknown
Exploit: Exploit Public
Disclosure: Uncoordinated Disclosure
OSVDB: Authentication Required

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

Microsoft Corporation

Virtual PC

2007

References

Generic Exploit URL: http://code.google.com/p/ollytlscatch/downloads/detail?name=VirtualPC_IntError.exe
http://pastebin.com/exAK5XQx
Other Advisory URL: http://waleedassar.blogspot.com/2012/10/virtual-pc-machine-reset.html
Vendor URL: http://www.microsoft.com/windows/virtual-pc/support/virtual-pc-2007.aspx

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/86790