CVE-2007-4497
First published: Fri Sep 21 2007(Updated: )
Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Workstation | >=5<=5.5.5 | |
| VMware Workstation | >=6.0<=6.0.1 | |
| VMware Player | >=1.0.0<=1.0.5 | |
| VMware Player | >=2.0<=2.0.1 | |
| VMware ACE | >=1.0<=1.0.3 | |
| VMware ACE | >=2.0<=2.0.1 | |
| VMware Server | >=1.0<=1.0.4 | |
| Ubuntu Linux | =6.06 | |
| Ubuntu Linux | =7.04 | |
| Ubuntu Linux | =6.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
- http://secunia.com/advisories/26890
- http://secunia.com/advisories/27694
- http://secunia.com/advisories/27706
- http://security.gentoo.org/glsa/glsa-200711-23.xml
- http://www.securityfocus.com/bid/25731
- http://www.securitytracker.com/id?1018718
- http://www.ubuntu.com/usn/usn-543-1
- http://www.vmware.com/support/ace/doc/releasenotes_ace.html
- http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
- http://www.vmware.com/support/player/doc/releasenotes_player.html
- http://www.vmware.com/support/player2/doc/releasenotes_player2.html
- http://www.vmware.com/support/server/doc/releasenotes_server.html
- http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
- http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
- http://www.vupen.com/english/advisories/2007/3229
Frequently Asked Questions
What is the severity of CVE-2007-4497?
CVE-2007-4497 is classified as a medium severity vulnerability affecting multiple VMware products.
How do I fix CVE-2007-4497?
To fix CVE-2007-4497, upgrade your VMware products to the versions that contain the security patch, specifically above the specified build numbers.
Which versions of VMware are affected by CVE-2007-4497?
CVE-2007-4497 affects VMware Workstation versions before 5.5.5 Build 56455 and 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and 2.0.1 Build 55017, and other specific versions of ACE and Server.
What types of products are vulnerable to CVE-2007-4497?
VMware Workstation, Player, ACE, and Server are among the vulnerable products listed under CVE-2007-4497.
Is Ubuntu Linux affected by CVE-2007-4497?
Yes, specific versions of Ubuntu Linux 6.06, 6.10, and 7.04 are mentioned in relation to CVE-2007-4497.
- agent/references
- agent/type
- agent/remedy
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/vmware
- canonical/vmware workstation
- version/vmware workstation/5
- version/vmware workstation/5.5.5
- version/vmware workstation/6.0
- version/vmware workstation/6.0.1
- canonical/vmware player
- version/vmware player/1.0.0
- version/vmware player/1.0.5
- version/vmware player/2.0
- version/vmware player/2.0.1
- canonical/vmware ace
- version/vmware ace/1.0
- version/vmware ace/1.0.3
- version/vmware ace/2.0
- version/vmware ace/2.0.1
- canonical/vmware server
- version/vmware server/1.0
- version/vmware server/1.0.4
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/6.06
- version/ubuntu linux/7.04
- version/ubuntu linux/6.10