VMware Workstation Unspecified Host Memory Corruption Vulnerability
BID:25728
Info
VMware Workstation Unspecified Host Memory Corruption Vulnerability
| Bugtraq ID: | 25728 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2007-4496 |
| Remote: | No |
| Local: | Yes |
| Published: | Sep 19 2007 12:00AM |
| Updated: | Nov 19 2007 03:54PM |
| Credit: | Rafal Wojtczvk is credited with the discovery of this vulnerability. |
| Vulnerable: |
VMWare Workstation 6.0 VMWare Workstation 5.5.4 build 44386 VMWare Workstation 5.5.3 build 42958 VMWare Workstation 5.5.3 build 34685 VMWare Workstation 5.5.1 Build 19175 VMWare Workstation 5.5.1 VMWare Workstation 5.0 .0 build-13124 VMWare Workstation 4.5.2 VMWare Workstation 4.5.2 VMWare Workstation 4.0.2 VMWare Workstation 4.0.1 VMWare Workstation 4.0 VMWare Workstation 3.4 VMWare Workstation 3.2.1 patch 1 VMWare Workstation 5.5.4 Build 44386 VMWare ESX Server 3.0.1 VMWare ESX Server 3.0 VMWare ESX Server 2.5.4 Patch 5 VMWare ESX Server 2.5.4 Patch 3 VMWare ESX Server 2.5.4 Patch 1 VMWare ESX Server 2.5.4 VMWare ESX Server 2.5.3 Patch 8 VMWare ESX Server 2.5.3 Patch 7 VMWare ESX Server 2.5.3 Patch 6 VMWare ESX Server 2.5.3 Patch 5 VMWare ESX Server 2.5.3 Patch 4 VMWare ESX Server 2.5.3 VMWare ESX Server 2.1.3 Patch 5 VMWare ESX Server 2.1.3 Patch 4 VMWare ESX Server 2.1.3 Patch 2 VMWare ESX Server 2.1.3 VMWare ESX Server 2.0.2 Patch 5 VMWare ESX Server 2.0.2 Patch 4 VMWare ESX Server 2.0.2 Patch 2 VMWare ESX Server 2.0.2 VMWare ESX Server 2.5.3 Patch 2 VMWare ESX Server 2.1.3 Patch 1 VMWare ESX Server 2.0.2 Patch 1 Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 Gentoo Linux |
| Not Vulnerable: |
VMWare Workstation 6.0.1 VMWare ESX Server 2.5.4 Patch 10 VMWare ESX Server 2.5.3 Patch 13 VMWare ESX Server 2.1.3 Patch 8 VMWare ESX Server 2.0.2 Patch 8 |
Discussion
VMware Workstation Unspecified Host Memory Corruption Vulnerability
VMware Workstation is prone to an unspecified memory-corruption vulnerability.
An administrative user in a guest operating system may be able to exploit this issue to execute arbitrary code on the host system. This may facilitate a compromise of the affected computer. Failed exploit attempts will likely result in denial-of-service conditions.
VMware Workstation is prone to an unspecified memory-corruption vulnerability.
An administrative user in a guest operating system may be able to exploit this issue to execute arbitrary code on the host system. This may facilitate a compromise of the affected computer. Failed exploit attempts will likely result in denial-of-service conditions.
Exploit / POC
VMware Workstation Unspecified Host Memory Corruption Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
VMware Workstation Unspecified Host Memory Corruption Vulnerability
Solution:
The vendor has released an advisory to address this issue. Please see the references for more information.
Solution:
The vendor has released an advisory to address this issue. Please see the references for more information.
References
VMware Workstation Unspecified Host Memory Corruption Vulnerability
References:
References:
- Notes on VMware Workstation 6.0.1, Build 55017 (VMware)
- VMware Homepage (VMware)