CVE-2007-4496
First published: Fri Sep 21 2007(Updated: )
Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware ACE | >=1.0<=1.0.3 | |
| VMware ACE | >=2.0<=2.0.1 | |
| VMware Player | >=1.0.0<=1.0.5 | |
| VMware Player | >=2.0<=2.0.1 | |
| VMware Server | >=1.0<=1.0.4 | |
| VMware Workstation | >=5<=5.5.5 | |
| VMware Workstation | >=6.0<=6.0.1 | |
| Ubuntu Linux | =6.06 | |
| Ubuntu Linux | =6.10 | |
| Ubuntu Linux | =7.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
- http://secunia.com/advisories/26890
- http://secunia.com/advisories/27694
- http://secunia.com/advisories/27706
- http://security.gentoo.org/glsa/glsa-200711-23.xml
- http://www.securityfocus.com/bid/25728
- http://www.securitytracker.com/id?1018718
- http://www.ubuntu.com/usn/usn-543-1
- http://www.vmware.com/support/ace/doc/releasenotes_ace.html
- http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
- http://www.vmware.com/support/player/doc/releasenotes_player.html
- http://www.vmware.com/support/player2/doc/releasenotes_player2.html
- http://www.vmware.com/support/server/doc/releasenotes_server.html
- http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
- http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
- http://www.vupen.com/english/advisories/2007/3229
Frequently Asked Questions
What is the severity of CVE-2007-4496?
The severity of CVE-2007-4496 is not explicitly defined, but it affects multiple VMware products which may lead to authentication issues.
How do I fix CVE-2007-4496?
To fix CVE-2007-4496, update to the specified patched versions of the affected VMware products.
Which VMware products are affected by CVE-2007-4496?
CVE-2007-4496 affects VMware Workstation, Player, Server, and ACE versions before certain builds.
Is CVE-2007-4496 a remote exploit?
CVE-2007-4496 involves authentication issues that may allow unauthorized access, which can be exploited remotely.
What is the impact of CVE-2007-4496 on VMware users?
The impact of CVE-2007-4496 on VMware users includes potential unauthorized access, which poses security risks.
- agent/references
- agent/type
- agent/remedy
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/vmware
- canonical/vmware ace
- version/vmware ace/1.0
- version/vmware ace/1.0.3
- version/vmware ace/2.0
- version/vmware ace/2.0.1
- canonical/vmware player
- version/vmware player/1.0.0
- version/vmware player/1.0.5
- version/vmware player/2.0
- version/vmware player/2.0.1
- canonical/vmware server
- version/vmware server/1.0
- version/vmware server/1.0.4
- canonical/vmware workstation
- version/vmware workstation/5
- version/vmware workstation/5.5.5
- version/vmware workstation/6.0
- version/vmware workstation/6.0.1
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/6.06
- version/ubuntu linux/6.10
- version/ubuntu linux/7.04