Lucene search

[email protected]CVE-2007-5023

HistorySep 21, 2007 - 7:17 p.m.

CVE-2007-5023

2007-09-2119:17:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2007-5023

emc vmware workstation

unquoted path vulnerability

nvd

security

privilege escalation

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious “program.exe” file in the C: folder.

Affected configurations

NVD

Node

vmwareaceRange1.0–1.0.3

vmwareplayerRange1.0.0–1.0.5

vmwareplayerRange2.0–2.0.1

vmwareserverRange1.0–1.0.4

vmwareworkstationRange5–5.5.5

vmwareworkstationRange6.0–6.0.1

Node

canonicalubuntu_linuxMatch6.06lts

canonicalubuntu_linuxMatch6.10

canonicalubuntu_linuxMatch7.04

CPENameOperatorVersion
vmware:acevmware acele1.0.3
vmware:playervmware playerle1.0.5
vmware:playervmware playerle2.0.1
vmware:servervmware serverle1.0.4
vmware:workstationvmware workstationle5.5.5
vmware:workstationvmware workstationle6.0.1

CPE	Name	Operator	Version
vmware:ace	vmware ace	le	1.0.3
vmware:player	vmware player	le	1.0.5
vmware:player	vmware player	le	2.0.1
vmware:server	vmware server	le	1.0.4
vmware:workstation	vmware workstation	le	5.5.5
vmware:workstation	vmware workstation	le	6.0.1

References

www.securityfocus.com/bid/25732

www.vmware.com/support/ace/doc/releasenotes_ace.html

www.vmware.com/support/player/doc/releasenotes_player.html

www.vmware.com/support/player2/doc/releasenotes_player2.html

www.vmware.com/support/server/doc/releasenotes_server.html

www.vmware.com/support/ws55/doc/releasenotes_ws55.html

www.vmware.com/support/ws6/doc/releasenotes_ws6.html

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-5023

nvd1 cvelist1 prion1 nessus2