Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5023

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2007-5023
Last Modified 19 Dec 2012 10:41:48
Published 21 Sep 2007 03:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5023

Summary

Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious "program.exe" file in the C: folder.

Vulnerable Systems

Application

  • Vmware Ace 1.0

  • Vmware Ace 1.0.3 Build 54075

  • Vmware Ace 2.0.1 Build 55017

  • Vmware Player 1.0

  • Vmware Player 1.0.5 Build 56455

  • Vmware Player 2.0.1 Build 55017

  • Vmware Server 1.0.4 Build 56528

  • Vmware Workstation 5.5

  • Vmware Workstation 5.5.1

  • Vmware Workstation 5.5.3

  • Vmware Workstation 5.5.3 Build 34685

  • Vmware Workstation 5.5.5 Build 56455

  • Vmware Workstation 6.0

  • Vmware Workstation 6.0.1 Build 55017


References

CONFIRM - http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html

CONFIRM - http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html

CONFIRM - http://www.vmware.com/support/server/doc/releasenotes_server.html

CONFIRM - http://www.vmware.com/support/player2/doc/releasenotes_player2.html

CONFIRM - http://www.vmware.com/support/player/doc/releasenotes_player.html

CONFIRM - http://www.vmware.com/support/ace/doc/releasenotes_ace.html

BID - 25732


Last Updated: 27 May 2016 10:53:46