CVE-2007-4059

Name of the Vulnerable Software and Affected Versions: EMC VMware IntraProcessLogging.dll version 5.5.3.42958

Description: The issue is related to an absolute path traversal vulnerability in a certain ActiveX control. This allows remote attackers to create or overwrite arbitrary files by providing a full pathname in the argument to the SetLogFileName method.

Recommendations: For EMC VMware IntraProcessLogging.dll version 5.5.3.42958, consider restricting access to the SetLogFileName method until a patch is available. As a temporary workaround, avoid using the SetLogFileName method with untrusted input to minimize the risk of exploitation.