Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to “interaction and initialization of components.”
secunia.com/advisories/26444
www.securityfocus.com/bid/25298
www.securitytracker.com/id?1018567
www.us-cert.gov/cas/techalerts/TA07-226A.html
www.vupen.com/english/advisories/2007/2873
docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-049
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1259