CVE-2007-5438

Name of the Vulnerable Software and Affected Versions: VMware Workstation versions 5.5.x through 5.5.7 VMware Workstation versions 6.0.x through 6.0.4 VMware Player versions 1.x through 1.0.7 VMware Player versions 2.x through 2.0.4 VMware ACE versions 1.x through 1.0.6 VMware ACE versions 2.x through 2.0.4 VMware Server versions prior to 1.0.7

Description: The issue is related to an unspecified vulnerability in a certain ActiveX control in Reconfig.DLL, which might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe). This is connected to the ConnectPopulatedDiskEx function.

Recommendations: For VMware Workstation versions 5.5.x through 5.5.7, update to version 5.5.8 build 108000 or later. For VMware Workstation versions 6.0.x through 6.0.4, update to version 6.0.5 build 109488 or later. For VMware Player versions 1.x through 1.0.7, update to version 1.0.8 build 108000 or later. For VMware Player versions 2.x through 2.0.4, update to version 2.0.5 build 109488 or later. For VMware ACE versions 1.x through 1.0.6, update to version 1.0.7 build 108880 or later. For VMware ACE versions 2.x through 2.0.4, update to version 2.0.5 build 109488 or later. For VMware Server versions prior to 1.0.7, update to version 1.0.7 build 108231 or later.