PT-2007-1556 · Vmware · Vmware Server+3
Publicado
2007-09-21
·
Atualizado
2019-07-16
·
CVE-2007-0063
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
EMC VMware Workstation versions prior to 5.5.5 Build 56455
EMC VMware Workstation versions 6.x prior to 6.0.1 Build 55017
EMC VMware Player versions prior to 1.0.5 Build 56455
EMC VMware Player 2 versions prior to 2.0.1 Build 55017
EMC VMware ACE versions prior to 1.0.3 Build 54075
EMC VMware ACE 2 versions prior to 2.0.1 Build 55017
EMC VMware Server versions prior to 1.0.4 Build 56528
Description
The issue is caused by an integer underflow in the DHCP server, allowing remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow.
Recommendations
For EMC VMware Workstation versions prior to 5.5.5 Build 56455, update to version 5.5.5 Build 56455 or later.
For EMC VMware Workstation versions 6.x prior to 6.0.1 Build 55017, update to version 6.0.1 Build 55017 or later.
For EMC VMware Player versions prior to 1.0.5 Build 56455, update to version 1.0.5 Build 56455 or later.
For EMC VMware Player 2 versions prior to 2.0.1 Build 55017, update to version 2.0.1 Build 55017 or later.
For EMC VMware ACE versions prior to 1.0.3 Build 54075, update to version 1.0.3 Build 54075 or later.
For EMC VMware ACE 2 versions prior to 2.0.1 Build 55017, update to version 2.0.1 Build 55017 or later.
For EMC VMware Server versions prior to 1.0.4 Build 56528, update to version 1.0.4 Build 56528 or later.
Correção
RCE
Integer Underflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Vmware Ace
Vmware Player
Vmware Server
Vmware Workstation