Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3547

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-3547
Last Modified 05 Sep 2008 05:07:26
Published 12 Jul 2006 08:05:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-3547

Summary

** DISPUTED ** EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed.

Vulnerable Systems

Application

  • Vmware Player


References

BUGTRAQ - 20060620 Re: Vm ware 0day dos exploit by n00b.

BUGTRAQ - 20060618 Vm ware 0day dos exploit by n00b.

OSVDB - 27524


Last Updated: 27 May 2016 10:43:02