CVE-2007-0061
VMware Security Advisory 2007-0006
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed packet that triggers "corrupt stack memory."
El servidor DHCP en EMC VMware Workstation anterior a 5.5.5 construcción 56455 y 6.x anterior a 6.0.1 construcción 55017, Player anterior a 1.0.5 construcción 56455 y Player 2 anterior a2.0.1 construcción 55017, ACE anterior a1.0.3 construcción 54075 y ACE 2 anterior a2.0.1 construcción 55017, y Server anterior a 1.0.4 construcción 56528 permite a atacantes remotos ejecutar código de su eleccióna través de un paquete malformado que dispara "corrupción de memoria basado en pila".
Multiple vulnerabilities have been discovered in several VMware products. Neel Mehta and Ryan Smith (IBM ISS X-Force) discovered that the DHCP server contains an integer overflow vulnerability, an integer underflow vulnerability and another error when handling malformed packets, leading to stack-based buffer overflows or stack corruption. Rafal Wojtczvk (McAfee) discovered two unspecified errors that allow authenticated users with administrative or login privileges on a guest operating system to corrupt memory or cause a Denial of Service. Another unspecified vulnerability related to untrusted virtual machine images was discovered. Versions less than 6.0.1.55017 are affected.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-01-04 CVE Reserved
- 2007-09-20 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (18)
| URL | Tag | Source |
|---|---|---|
| http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html | Mailing List | |
| http://secunia.com/advisories/26890 | Third Party Advisory | |
| http://secunia.com/advisories/27694 | Third Party Advisory | |
| http://secunia.com/advisories/27706 | Third Party Advisory | |
| http://www.securitytracker.com/id?1018717 | Third Party Advisory | |
| http://www.vupen.com/english/advisories/2007/3229 | Third Party Advisory | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33101 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-200711-23.xml | 2019-07-16 | |
| http://www.ubuntu.com/usn/usn-543-1 | 2019-07-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vmware Search vendor "Vmware" | Ace Search vendor "Vmware" for product "Ace" | >= 1.0 < 1.0.3 Search vendor "Vmware" for product "Ace" and version " >= 1.0 < 1.0.3" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Ace Search vendor "Vmware" for product "Ace" | >= 2.0 < 2.0.1 Search vendor "Vmware" for product "Ace" and version " >= 2.0 < 2.0.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | >= 1.0 < 1.0.5 Search vendor "Vmware" for product "Player" and version " >= 1.0 < 1.0.5" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | >= 2.0 < 2.0.1 Search vendor "Vmware" for product "Player" and version " >= 2.0 < 2.0.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Server Search vendor "Vmware" for product "Server" | >= 1.0 < 1.0.4 Search vendor "Vmware" for product "Server" and version " >= 1.0 < 1.0.4" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | >= 5.5 < 5.5.5 Search vendor "Vmware" for product "Workstation" and version " >= 5.5 < 5.5.5" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | >= 6.0 < 6.0.1 Search vendor "Vmware" for product "Workstation" and version " >= 6.0 < 6.0.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esx Search vendor "Vmware" for product "Esx" | 2.0.2 Search vendor "Vmware" for product "Esx" and version "2.0.2" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esx Search vendor "Vmware" for product "Esx" | 2.1.3 Search vendor "Vmware" for product "Esx" and version "2.1.3" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esx Search vendor "Vmware" for product "Esx" | 2.5.3 Search vendor "Vmware" for product "Esx" and version "2.5.3" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esx Search vendor "Vmware" for product "Esx" | 2.5.4 Search vendor "Vmware" for product "Esx" and version "2.5.4" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esx Search vendor "Vmware" for product "Esx" | 3.0.0 Search vendor "Vmware" for product "Esx" and version "3.0.0" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esx Search vendor "Vmware" for product "Esx" | 3.0.1 Search vendor "Vmware" for product "Esx" and version "3.0.1" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 6.06 Search vendor "Canonical" for product "Ubuntu Linux" and version "6.06" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 6.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "6.10" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 7.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "7.04" | - |
Affected
| ||||||