Computer Security
[EN] securityvulns.ru no-pyccku


VMWare software multiple security vulnerabilities
Published:21.09.2007
Source:
SecurityVulns ID:8174
Type:remote
Threat Level:
7/10
Description:Multiple bugs, including remote DHCP server vulnerabilities are fixed.
Affected:VMWARE : VMware Workstation 5.5
 VMWARE : VMware Player 1.0
 VMWARE : VMware Server 1.0
 VMWARE : VMware ACE 1.0
 VMWARE : VMWare Workstation 6.0
 VMWARE : VMware Player 2.0
 VMWARE : VMWare ACE 2.0
 VMWARE : VMware ESX 3.0
 VMWARE : VMware ESX 2.5
 VMWARE : VMware ESX 2.1
 VMWARE : VMware ESX 2.0
CVE:CVE-2007-4497
 CVE-2007-4496
 CVE-2007-4155 (Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first two arguments to the (1) CreateProcess or (2) CreateProcessEx method.)
 CVE-2007-4059 (Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging.dll 5.5.3.42958 in EMC VMware allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SetLogFileName method.)
 CVE-2007-0063
 CVE-2007-0062
 CVE-2007-0061
Original documentdocumentVMWARE, VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player (21.09.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod