VMware Vielib.DLL ActiveX Control Multiple Remote Code Execution Vulnerabilities
BID:25131
Info
VMware Vielib.DLL ActiveX Control Multiple Remote Code Execution Vulnerabilities
| Bugtraq ID: | 25131 |
| Class: | Design Error |
| CVE: |
CVE-2007-4155 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 30 2007 12:00AM |
| Updated: | Nov 01 2007 09:16PM |
| Credit: | callAX, and the GOODFELLAS Security Research TEAM discovered these vulnerabilities. |
| Vulnerable: |
VMWare Workstation 6.0 VMWare Workstation 5.5.4 VMWare Workstation 5.5 VMWare Server 1.0.3 VMWare Player 2.0 VMWare Player 1.0.4 VMWare ACE 2.0 VMWare ACE 1.0.3 |
| Not Vulnerable: |
VMWare Workstation 6.0.1 VMWare Workstation 5.5.5 VMWare Server 1.0.4 VMWare Player 2.0.1 VMWare Player 1.0.5 VMWare ACE 2.0.1 VMWare ACE 1.0.4 |
Discussion
VMware Vielib.DLL ActiveX Control Multiple Remote Code Execution Vulnerabilities
An ActiveX control installed with VMware is prone to multiple remote code-execution vulnerabilities.
An attacker can exploit these issues to execute hostile code on a victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer). Successful exploits will allow attackers to execute arbitrary code with the privileges of the affected user; other consequences are possible.
These issues affect VMware 6.0.0; other versions may also be affected.
An ActiveX control installed with VMware is prone to multiple remote code-execution vulnerabilities.
An attacker can exploit these issues to execute hostile code on a victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer). Successful exploits will allow attackers to execute arbitrary code with the privileges of the affected user; other consequences are possible.
These issues affect VMware 6.0.0; other versions may also be affected.
Exploit / POC
VMware Vielib.DLL ActiveX Control Multiple Remote Code Execution Vulnerabilities
To exploit these issues, an attacker must entice an unsuspecting user to view a maliciously crafted web page.
UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
The following exploit is available:
To exploit these issues, an attacker must entice an unsuspecting user to view a maliciously crafted web page.
UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
The following exploit is available:
Solution / Fix
VMware Vielib.DLL ActiveX Control Multiple Remote Code Execution Vulnerabilities
Solution:
The vendor has released an advisory with fixes to address this issue. Please see the referenced advisory for details.
Solution:
The vendor has released an advisory with fixes to address this issue. Please see the referenced advisory for details.
References
VMware Vielib.DLL ActiveX Control Multiple Remote Code Execution Vulnerabilities
References:
References:
- Microsoft Knowledge Base Article 240797 (Microsoft)
- Notes on VMware Workstation 6.0.1, Build 55017 (VMware)
- VMware Homepage (VMware)