CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2007-5618
https://notcve.org/view.php?id=CVE-2007-5618
Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs. Una ruta de búsqueda en Windows sin cerrar las comillas en el servicio Authorization y en otros servicios en el VMware Player 1.0.x anterior al 1.0.5 y el 2.0 anterior al 2.0.1, en el VMware Server anterior al 1.0.4; y en el Workstation 5.x anterior al 5.5.5 y el 6.x anterior al 6.0.1, puede permitir a usuarios locales obtener privilegios a través de programas maliciosos. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://lists.vmware.com/pipermail/security-announce/2008/000008.html http://secunia.com/advisories/26890 http://www.securityfocus.com/archive/1/489739/100/0/threaded http://www.securityfocus.com/bid/28276 http://www.securityfocus.com/bid/28289 http://www.vmware.com/security/advisories/VMSA-2008-0005.html http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html http://www.vmware.com/support/player&#x •
CVSS: 6.9EPSS: 0%CPEs: 9EXPL: 0CVE-2007-5023
https://notcve.org/view.php?id=CVE-2007-5023
Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious "program.exe" file in the C: folder. Una vulnerabilidad de ruta (path) de búsqueda de Windows sin comillas en EMC VMware Workstation versiones anteriores a 5.5.5 Build 56455 y versiones 6.x anteriores a 6.0.1 Build 55017, Player versiones anteriores a 1.0.5 Build 56455 y Player versiones 2 anteriores a 2.0.1 Build 55017, ACE versiones anteriores a 1.0.3 Build 54075 y Server versiones anteriores a 1.0.4 Build 56528, permite a usuarios locales alcanzar privilegios por medio de vectores de ataque no especificados, posiblemente involucrando a un archivo malicioso "program.exe" en la carpeta C:. • http://www.securityfocus.com/bid/25732 http://www.vmware.com/support/ace/doc/releasenotes_ace.html http://www.vmware.com/support/player/doc/releasenotes_player.html http://www.vmware.com/support/player2/doc/releasenotes_player2.html http://www.vmware.com/support/server/doc/releasenotes_server.html http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2007-4496
https://notcve.org/view.php?id=CVE-2007-4496
Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors. Vulnerabilidad no especificada en EMC VMware Workstation anterior a 5.5.5 construcción 56455 and 6.x anterior a 6.0.1 construcción 55017, Player anterior a 1.0.5 construcción 56455 and Player 2 anterior a 2.0.1 construcción 55017, ACE anterior a 1.0.3 construcción 54075 and ACE 2 anterior a 2.0.1 construcción 55017, and Server anterior a 1.0.4 construcción 56528 permite a usuarios validados con privilegios de administrador sobre un sistema operativo invitado corromper su memoria y posiblemente ejecutar código de su elección sobre el sistema operativo alojador a través de vectores no especificados. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://secunia.com/advisories/26890 http://secunia.com/advisories/27694 http://secunia.com/advisories/27706 http://security.gentoo.org/glsa/glsa-200711-23.xml http://www.securityfocus.com/bid/25728 http://www.securitytracker.com/id?1018718 http://www.ubuntu.com/usn/usn-543-1 http://www.vmware.com/support/ace/doc/releasenotes_ace.html http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2007-4497
https://notcve.org/view.php?id=CVE-2007-4497
Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors. Vulnerabilidad no especificada en EMC VMware Workstation anterior a 5.5.5 Build 56455 y 6.x anterior a 6.0.1 Build 55017, Player anterior a 1.0.5 Build 56455 y Player 2 anterior a 2.0.1 Build 55017, ACE anterior a 1.0.3 Bui9ld 54075 y ACE 2 anterior a 2.0.1 Build 55017, y Server anterior a 1.0.4 Build 56528 permite a usuarios con acceso a un sistema operativo invitado (guest) provocar una denegación de servicio (cuelgue total del sistema invitado y caída o cuelgue del proceso anfitrión) a través de vectores no especificados. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://secunia.com/advisories/26890 http://secunia.com/advisories/27694 http://secunia.com/advisories/27706 http://security.gentoo.org/glsa/glsa-200711-23.xml http://www.securityfocus.com/bid/25731 http://www.securitytracker.com/id?1018718 http://www.ubuntu.com/usn/usn-543-1 http://www.vmware.com/support/ace/doc/releasenotes_ace.html http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 23%CPEs: 16EXPL: 0CVE-2007-0061
https://notcve.org/view.php?id=CVE-2007-0061
The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed packet that triggers "corrupt stack memory." El servidor DHCP en EMC VMware Workstation anterior a 5.5.5 construcción 56455 y 6.x anterior a 6.0.1 construcción 55017, Player anterior a 1.0.5 construcción 56455 y Player 2 anterior a2.0.1 construcción 55017, ACE anterior a1.0.3 construcción 54075 y ACE 2 anterior a2.0.1 construcción 55017, y Server anterior a 1.0.4 construcción 56528 permite a atacantes remotos ejecutar código de su eleccióna través de un paquete malformado que dispara "corrupción de memoria basado en pila". • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://secunia.com/advisories/26890 http://secunia.com/advisories/27694 http://secunia.com/advisories/27706 http://security.gentoo.org/glsa/glsa-200711-23.xml http://www.iss.net/threats/275.html http://www.securityfocus.com/bid/25729 http://www.securitytracker.com/id?1018717 http://www.ubuntu.com/usn/usn-543-1 http://www.vmware.com/support/ace/doc/releasenotes_ace.html http://www.vmware • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •