CVE-2007-5618 — Vmware Player vulnerability

3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.1%

top 83.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Player Vmware Server Vmware Workstation

Timeline

PublishedOct 21

Latest updateMay 1

Description

Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages3 packages

▶NVDvmware/player1.0.0 — 1.0.5+1

▶NVDvmware/server< 1.0.4

▶NVDvmware/workstation5.5 — 5.5.5+1

Patches

Patch: www.vmware.com ↗Patch: www.vmware.com ↗Patch: www.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-297c-8rmr-xrxf: Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1↗2022-05-01

▶

CVEList

CVE-2007-5618: Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1↗2007-10-21

▶