Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-4059Vmware Workstation vulnerability

4 documents4 sources
Severity
5.8MEDIUMNVD
EPSS
11.8%
top 6.27%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Vmware Workstation
Timeline
PublishedJul 30
Latest updateMay 1

Description

Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging.dll 5.5.3.42958 in EMC VMware allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SetLogFileName method.

CVSS vector

AV:N/AC:M/C:N/I:P/A:PExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-8jmw-m2mh-5mcm: Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging2022-05-01
CVEList
CVE-2007-4059: Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging2007-07-30

💥Exploits & PoCs

1
Exploit-DB
VMware 'IntraProcessLogging.dll' 5.5.3.42958 - Arbitrary Data Write2007-07-28
CVE-2007-4059 — Vmware Workstation vulnerability | cvebase