Lucene search

[email protected]CVE-2007-5438

HistoryOct 13, 2007 - 1:17 a.m.

CVE-2007-5438

2007-10-1301:17:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2007-5438

vmware

workstation

player

ace

server

activex

vulnerability

denial of service

nvd

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.3%

JSON

Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the ConnectPopulatedDiskEx function.

Affected configurations

NVD

Node

vmwareaceMatch1.0

vmwareaceMatch1.0.1

vmwareaceMatch1.0.2

vmwareaceMatch1.0.3

vmwareaceMatch1.0.4

vmwareaceMatch1.0.5

vmwareaceMatch1.0.6

vmwareaceMatch1.0.7

vmwareaceMatch2.0

vmwareaceMatch2.0.1

vmwareaceMatch2.0.2

vmwareaceMatch2.0.3

vmwareaceMatch2.0.4

vmwareaceMatch2.0.5

vmwarevmware_playerMatch1.0.0

vmwarevmware_playerMatch1.0.1

vmwarevmware_playerMatch1.0.2

vmwarevmware_playerMatch1.0.3

vmwarevmware_playerMatch1.0.4

vmwarevmware_playerMatch1.0.5

vmwarevmware_playerMatch1.0.6

vmwarevmware_playerMatch1.0.7

vmwarevmware_playerMatch1.0.8

vmwarevmware_playerMatch2.0

vmwarevmware_playerMatch2.0.1

vmwarevmware_playerMatch2.0.2

vmwarevmware_playerMatch2.0.3

vmwarevmware_playerMatch2.0.4

vmwarevmware_playerMatch2.0.5

vmwarevmware_serverRange≤1.0.7

vmwarevmware_serverMatch1.0

vmwarevmware_serverMatch1.0.1

vmwarevmware_serverMatch1.0.2

vmwarevmware_serverMatch1.0.3

vmwarevmware_serverMatch1.0.4

vmwarevmware_serverMatch1.0.5

vmwarevmware_serverMatch1.0.6

vmwarevmware_workstationMatch5.5.0

vmwarevmware_workstationMatch5.5.1

vmwarevmware_workstationMatch5.5.2

vmwarevmware_workstationMatch5.5.3

vmwarevmware_workstationMatch5.5.4

vmwarevmware_workstationMatch5.5.5

vmwarevmware_workstationMatch5.5.6

vmwarevmware_workstationMatch5.5.7

vmwarevmware_workstationMatch5.5.8

vmwarevmware_workstationMatch6.0

vmwarevmware_workstationMatch6.0.1

vmwarevmware_workstationMatch6.0.2

vmwarevmware_workstationMatch6.0.3

vmwarevmware_workstationMatch6.0.4

vmwarevmware_workstationMatch6.0.5

CPENameOperatorVersion
vmware:acevmware aceeq1.0
vmware:acevmware aceeq1.0.1
vmware:acevmware aceeq1.0.2
vmware:acevmware aceeq1.0.3
vmware:acevmware aceeq1.0.4
vmware:acevmware aceeq1.0.5
vmware:acevmware aceeq1.0.6
vmware:acevmware aceeq1.0.7
vmware:acevmware aceeq2.0
vmware:acevmware aceeq2.0.1

CPE	Name	Operator	Version
vmware:ace	vmware ace	eq	1.0
vmware:ace	vmware ace	eq	1.0.1
vmware:ace	vmware ace	eq	1.0.2
vmware:ace	vmware ace	eq	1.0.3
vmware:ace	vmware ace	eq	1.0.4
vmware:ace	vmware ace	eq	1.0.5
vmware:ace	vmware ace	eq	1.0.6
vmware:ace	vmware ace	eq	1.0.7
vmware:ace	vmware ace	eq	2.0
vmware:ace	vmware ace	eq	2.0.1

Rows per page:

1-10 of 521

References

lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html

osvdb.org/43488

secunia.com/advisories/31707

secunia.com/advisories/31708

secunia.com/advisories/31709

secunia.com/advisories/31710

securityreason.com/securityalert/3219

www.eleytt.com/advisories/eleytt_VMWARE1.pdf

www.securityfocus.com/archive/1/482021/100/0/threaded

www.securityfocus.com/archive/1/495869/100/0/threaded

www.securityfocus.com/bid/26025

www.securitytracker.com/id?1020791

www.vmware.com/security/advisories/VMSA-2008-0014.html

www.vmware.com/support/ace/doc/releasenotes_ace.html

www.vmware.com/support/ace2/doc/releasenotes_ace2.html

www.vmware.com/support/player/doc/releasenotes_player.html

www.vmware.com/support/player2/doc/releasenotes_player2.html

www.vmware.com/support/server/doc/releasenotes_server.html

www.vmware.com/support/ws55/doc/releasenotes_ws55.html

www.vmware.com/support/ws6/doc/releasenotes_ws6.html

www.vupen.com/english/advisories/2008/2466

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.3%

JSON

Related for CVE-2007-5438

kaspersky1 prion1 nvd1 cvelist1 nessus2 securityvulns2 vmware2