CVE-2007-5438
Summary
| CVE | CVE-2007-5438 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-10-13 01:17:00 UTC |
| Updated | 2026-04-23 00:35:47 UTC |
| Description | Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the ConnectPopulatedDiskEx function. |
Risk And Classification
Primary CVSS: v2.0 1.9 from [email protected]
AV:L/AC:M/Au:N/C:N/I:N/A:P
Problem Types: CWE-20 | NVD-CWE-noinfo | n/a
CVSS v2.0 Breakdown
Access Vector
LocalAccess Complexity
MediumAuthentication
NoneConfidentiality
NoneIntegrity
NoneAvailability
PartialAV:L/AC:M/Au:N/C:N/I:N/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Vmware | Ace | 1.0 | All | All | All |
| Application | Vmware | Ace | 1.0.1 | All | All | All |
| Application | Vmware | Ace | 1.0.2 | All | All | All |
| Application | Vmware | Ace | 1.0.3 | All | All | All |
| Application | Vmware | Ace | 1.0.4 | All | All | All |
| Application | Vmware | Ace | 1.0.5 | All | All | All |
| Application | Vmware | Ace | 1.0.6 | All | All | All |
| Application | Vmware | Ace | 1.0.7 | All | All | All |
| Application | Vmware | Ace | 2.0 | All | All | All |
| Application | Vmware | Ace | 2.0.1 | All | All | All |
| Application | Vmware | Ace | 2.0.2 | All | All | All |
| Application | Vmware | Ace | 2.0.3 | All | All | All |
| Application | Vmware | Ace | 2.0.4 | All | All | All |
| Application | Vmware | Ace | 2.0.5 | All | All | All |
| Application | Vmware | Vmware Player | 1.0.0 | All | All | All |
| Application | Vmware | Vmware Player | 1.0.1 | All | All | All |
| Application | Vmware | Vmware Player | 1.0.2 | All | All | All |
| Application | Vmware | Vmware Player | 1.0.3 | All | All | All |
| Application | Vmware | Vmware Player | 1.0.4 | All | All | All |
| Application | Vmware | Vmware Player | 1.0.5 | All | All | All |
| Application | Vmware | Vmware Player | 1.0.6 | All | All | All |
| Application | Vmware | Vmware Player | 1.0.7 | All | All | All |
| Application | Vmware | Vmware Player | 1.0.8 | All | All | All |
| Application | Vmware | Vmware Player | 2.0 | All | All | All |
| Application | Vmware | Vmware Player | 2.0.1 | All | All | All |
| Application | Vmware | Vmware Player | 2.0.2 | All | All | All |
| Application | Vmware | Vmware Player | 2.0.3 | All | All | All |
| Application | Vmware | Vmware Player | 2.0.4 | All | All | All |
| Application | Vmware | Vmware Player | 2.0.5 | All | All | All |
| Application | Vmware | Vmware Server | 1.0 | All | All | All |
| Application | Vmware | Vmware Server | 1.0.1 | All | All | All |
| Application | Vmware | Vmware Server | 1.0.2 | All | All | All |
| Application | Vmware | Vmware Server | 1.0.3 | All | All | All |
| Application | Vmware | Vmware Server | 1.0.4 | All | All | All |
| Application | Vmware | Vmware Server | 1.0.5 | All | All | All |
| Application | Vmware | Vmware Server | 1.0.6 | All | All | All |
| Application | Vmware | Vmware Server | All | All | All | All |
| Application | Vmware | Vmware Workstation | 5.5.0 | All | All | All |
| Application | Vmware | Vmware Workstation | 5.5.1 | All | All | All |
| Application | Vmware | Vmware Workstation | 5.5.2 | All | All | All |
| Application | Vmware | Vmware Workstation | 5.5.3 | All | All | All |
| Application | Vmware | Vmware Workstation | 5.5.4 | All | All | All |
| Application | Vmware | Vmware Workstation | 5.5.5 | All | All | All |
| Application | Vmware | Vmware Workstation | 5.5.6 | All | All | All |
| Application | Vmware | Vmware Workstation | 5.5.7 | All | All | All |
| Application | Vmware | Vmware Workstation | 5.5.8 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0.1 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0.2 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0.3 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0.4 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0.5 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| VMware Player Release Notes | af854a3a-2127-422b-91ae-364da2661108 | www.vmware.com | |
| SecurityFocus | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| VMware ACE Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| SecurityFocus | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| osvdb.org/43488 | af854a3a-2127-422b-91ae-364da2661108 | osvdb.org | |
| VMware Server Release Notes | af854a3a-2127-422b-91ae-364da2661108 | www.vmware.com | |
| CXSecurity - IDS | af854a3a-2127-422b-91ae-364da2661108 | securityreason.com | |
| VMware ACE Release Notes | af854a3a-2127-422b-91ae-364da2661108 | www.vmware.com | |
| VMware Workstation/ACE/Player/Server ActiveX Controls Let Remote Users Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| VMware Player Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| VMware Workstation 6 Release Notes | af854a3a-2127-422b-91ae-364da2661108 | www.vmware.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | Vendor Advisory |
| VMSA-2008-0014.3 - VMware | af854a3a-2127-422b-91ae-364da2661108 | www.vmware.com | |
| VMware Player Release Notes | af854a3a-2127-422b-91ae-364da2661108 | www.vmware.com | |
| VMware Workstation 5.5 Release Notes | af854a3a-2127-422b-91ae-364da2661108 | www.vmware.com | |
| eleytt.com | af854a3a-2127-422b-91ae-364da2661108 | www.eleytt.com | |
| VMware Workstation Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| [Full-disclosure] VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. | af854a3a-2127-422b-91ae-364da2661108 | lists.grok.org.uk | |
| VMware ACE Release Notes | af854a3a-2127-422b-91ae-364da2661108 | www.vmware.com | |
| VMware Virtual Disk Mount Service Reconfig.DLL Denial Of Service Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| VMware Server Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.