CVE-2007-4058

Name of the Vulnerable Software and Affected Versions: EMC VMware version 6.0.0

Description: The issue concerns an absolute path traversal vulnerability in a certain ActiveX control in vielib.dll. This vulnerability allows remote attackers to execute arbitrary local programs by providing a full pathname in the first argument to the StartProcess() method.

Recommendations: For EMC VMware version 6.0.0, consider restricting access to the StartProcess() method in the affected ActiveX control until a patch is available. As a temporary workaround, avoid using full pathnames in the first argument to the StartProcess() method to minimize the risk of exploitation.