PT-2007-6628 · Vmware · Vmware Player+2
Published
2007-10-21
·
Updated
2018-10-26
·
CVE-2007-5618
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
VMware Player versions 1.0.x through 1.0.4
VMware Player version 2.0
VMware Server versions prior to 1.0.4
VMware Workstation versions 5.x through 5.5.4
VMware Workstation versions 6.x through 6.0.0
Description
The issue is related to an unquoted Windows search path vulnerability in the Authorization and other services. This might allow local users to gain privileges via malicious programs.
Recommendations
For VMware Player versions 1.0.x through 1.0.4, update to version 1.0.5 or later.
For VMware Player version 2.0, update to version 2.0.1 or later.
For VMware Server versions prior to 1.0.4, update to version 1.0.4 or later.
For VMware Workstation versions 5.x through 5.5.4, update to version 5.5.5 or later.
For VMware Workstation versions 6.x through 6.0.0, update to version 6.0.1 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Vmware Player
Vmware Server
Vmware Workstation