CVE-2007-5438: Input Validation
First published: Sat Oct 13 2007(Updated: )
Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the ConnectPopulatedDiskEx function.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Vmware Vmware Player | =1.0.3 | |
| Vmware Vmware Player | =1.0.7 | |
| VMware ACE | =1.0 | |
| VMware ACE | =2.0.5 | |
| Vmware Vmware Player | =1.0.8 | |
| VMware ACE | =1.0.1 | |
| Vmware Vmware Player | =2.0.3 | |
| VMware ACE | =1.0.7 | |
| Vmware Vmware Server | =1.0.1 | |
| VMware VMware Workstation | =6.0.5 | |
| Vmware Vmware Server | =1.0 | |
| Vmware Vmware Player | =1.0.2 | |
| Vmware Vmware Server | =1.0.6 | |
| VMware ACE | =2.0.2 | |
| VMware VMware Workstation | =5.5.6 | |
| Vmware Vmware Server | =1.0.3 | |
| Vmware Vmware Player | =2.0.2 | |
| VMware VMware Workstation | =6.0 | |
| VMware VMware Workstation | =5.5.3 | |
| Vmware Vmware Player | =1.0.5 | |
| VMware ACE | =2.0 | |
| VMware ACE | =2.0.1 | |
| VMware ACE | =1.0.2 | |
| Vmware Vmware Player | =1.0.0 | |
| VMware VMware Workstation | =5.5.5 | |
| Vmware Vmware Player | =2.0.4 | |
| VMware VMware Workstation | =5.5.0 | |
| VMware VMware Workstation | =6.0.4 | |
| VMware VMware Workstation | =5.5.7 | |
| Vmware Vmware Server | =1.0.4 | |
| VMware VMware Workstation | =6.0.2 | |
| Vmware Vmware Player | =1.0.6 | |
| VMware ACE | =1.0.4 | |
| Vmware Vmware Player | =2.0.1 | |
| VMware VMware Workstation | =5.5.2 | |
| Vmware Vmware Player | =1.0.1 | |
| VMware ACE | =1.0.3 | |
| Vmware Vmware Server | =1.0.2 | |
| Vmware Vmware Server | =1.0.5 | |
| Vmware Vmware Player | =1.0.4 | |
| VMware ACE | =2.0.3 | |
| VMware VMware Workstation | =5.5.8 | |
| VMware ACE | =2.0.4 | |
| VMware VMware Workstation | =6.0.3 | |
| VMware VMware Workstation | =6.0.1 | |
| Vmware Vmware Player | =2.0.5 | |
| Vmware Vmware Player | =2.0 | |
| VMware VMware Workstation | =5.5.1 | |
| VMware ACE | =1.0.5 | |
| VMware ACE | =1.0.6 | |
| Vmware Vmware Server | <=1.0.7 | |
| VMware VMware Workstation | =5.5.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.eleytt.com/advisories/eleytt_VMWARE1.pdf
- http://www.securityfocus.com/bid/26025
- http://securityreason.com/securityalert/3219
- http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
- http://www.securitytracker.com/id?1020791
- http://secunia.com/advisories/31707
- http://www.vmware.com/support/player2/doc/releasenotes_player2.html
- http://secunia.com/advisories/31710
- http://secunia.com/advisories/31708
- http://www.vmware.com/support/ace/doc/releasenotes_ace.html
- http://www.vmware.com/security/advisories/VMSA-2008-0014.html
- http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
- http://www.vmware.com/support/server/doc/releasenotes_server.html
- http://secunia.com/advisories/31709
- http://www.vmware.com/support/player/doc/releasenotes_player.html
- http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
- http://osvdb.org/43488
- http://www.vupen.com/english/advisories/2008/2466
- http://www.securityfocus.com/archive/1/495869/100/0/threaded
- http://www.securityfocus.com/archive/1/482021/100/0/threaded
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/tags
- agent/event
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/vmware
- canonical/vmware ace
- version/vmware ace/1.0
- version/vmware ace/1.0.1
- version/vmware ace/1.0.2
- version/vmware ace/1.0.3
- version/vmware ace/1.0.4
- version/vmware ace/1.0.5
- version/vmware ace/1.0.6
- version/vmware ace/1.0.7
- version/vmware ace/2.0
- version/vmware ace/2.0.1
- version/vmware ace/2.0.2
- version/vmware ace/2.0.3
- version/vmware ace/2.0.4
- version/vmware ace/2.0.5
- canonical/vmware vmware player
- version/vmware vmware player/1.0.0
- version/vmware vmware player/1.0.1
- version/vmware vmware player/1.0.2
- version/vmware vmware player/1.0.3
- version/vmware vmware player/1.0.4
- version/vmware vmware player/1.0.5
- version/vmware vmware player/1.0.6
- version/vmware vmware player/1.0.7
- version/vmware vmware player/1.0.8
- version/vmware vmware player/2.0
- version/vmware vmware player/2.0.1
- version/vmware vmware player/2.0.2
- version/vmware vmware player/2.0.3
- version/vmware vmware player/2.0.4
- version/vmware vmware player/2.0.5
- canonical/vmware vmware server
- version/vmware vmware server/1.0.7
- version/vmware vmware server/1.0
- version/vmware vmware server/1.0.1
- version/vmware vmware server/1.0.2
- version/vmware vmware server/1.0.3
- version/vmware vmware server/1.0.4
- version/vmware vmware server/1.0.5
- version/vmware vmware server/1.0.6
- canonical/vmware vmware workstation
- version/vmware vmware workstation/5.5.0
- version/vmware vmware workstation/5.5.1
- version/vmware vmware workstation/5.5.2
- version/vmware vmware workstation/5.5.3
- version/vmware vmware workstation/5.5.4
- version/vmware vmware workstation/5.5.5
- version/vmware vmware workstation/5.5.6
- version/vmware vmware workstation/5.5.7
- version/vmware vmware workstation/5.5.8
- version/vmware vmware workstation/6.0
- version/vmware vmware workstation/6.0.1
- version/vmware vmware workstation/6.0.2
- version/vmware vmware workstation/6.0.3
- version/vmware vmware workstation/6.0.4
- version/vmware vmware workstation/6.0.5