CVE-2007-4496 — Vmware ACE vulnerability

CWE-3994 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

0.4%

top 40.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware ACE Vmware Player Vmware Server +2 more

Timeline

PublishedSep 21

Latest updateMay 1

Description

Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors.

CVSS vector

AV:A/AC:H/C:C/I:C/A:CExploitability: 2.5 | Impact: 10.0

Affected Packages4 packages

▶NVDvmware/player1.0.0 — 1.0.5+1

▶NVDvmware/server1.0 — 1.0.4

▶NVDvmware/workstation5 — 5.5.5+1

▶NVDvmware/ace1.0 — 1.0.3+1

Also affects: Ubuntu Linux 6.06, 6.10, 7.04

Patches

Patch: www.securityfocus.com ↗Patch: www.vmware.com ↗Patch: www.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-xcv9-w924-vrgq: Unspecified vulnerability in EMC VMware Workstation before 5↗2022-05-01

▶

CVEList

CVE-2007-4496: Unspecified vulnerability in EMC VMware Workstation before 5↗2007-09-21

▶

📋Vendor Advisories

Ubuntu

VMWare vulnerabilities↗2007-11-15

▶