Vulnerability Name:

CVE-2007-4496 (CCN-36725)

Assigned:2007-09-18
Published:2007-09-18
Updated:2019-08-01
Summary:Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors.
CVSS v3 Severity:8.2 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.5 Medium (CVSS v2 Vector: AV:A/AC:H/Au:S/C:C/I:C/A:C)
4.8 Medium (Temporal CVSS v2 Vector: AV:A/AC:H/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): High
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-399
Vulnerability Consequences:Gain Privileges
References:Source: CCN
Type: Full-Disclosure Mailing List, Wed Sep 19 2007 - 21:15:23 CDT
VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player

Source: MITRE
Type: CNA
CVE-2007-4496

Source: FULLDISC
Type: Third Party Advisory
20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player

Source: CCN
Type: VMware Security-announce Mailing list, Wed Sep 19 19:15:23 PDT 2007
VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player

Source: CCN
Type: SA26890
VMWare Products Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
26890

Source: CCN
Type: SA26909
VMware ESX Server Multiple Security Updates

Source: SECUNIA
Type: Third Party Advisory
27694

Source: SECUNIA
Type: Third Party Advisory
27706

Source: GENTOO
Type: Third Party Advisory
GLSA-200711-23

Source: CCN
Type: SECTRACK ID: 1018718
VMware Lets Local Users Gain Privileges or Cause Denial of Service Conditions on the Host System

Source: CCN
Type: GLSA-200711-23
VMware Workstation and Player: Multiple vulnerabilities

Source: CCN
Type: OSVDB ID: 40095
VMware Multiple Products Unspecified Administrative Memory Corruption Guest Image Privilege Escalation

Source: BID
Type: Patch, Third Party Advisory, VDB Entry
25728

Source: CCN
Type: BID-25728
VMware Workstation Unspecified Host Memory Corruption Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1018718

Source: CCN
Type: USN-543-1
VMWare vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-543-1

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.vmware.com/support/ace/doc/releasenotes_ace.html

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.vmware.com/support/player/doc/releasenotes_player.html

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.vmware.com/support/player2/doc/releasenotes_player2.html

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.vmware.com/support/server/doc/releasenotes_server.html

Source: CCN
Type: VMware, Inc. Web site
Download Patch ESX-8258730 for VMware ESX Server 3.0.1

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html

Source: VUPEN
Type: Permissions Required
ADV-2007-3229

Source: XF
Type: UNKNOWN
vmware-host-code-execution(36725)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:vmware:ace:*:*:*:*:*:*:*:* (Version >= 1.0 and <= 1.0.3)
  • OR cpe:/a:vmware:ace:*:*:*:*:*:*:*:* (Version >= 2.0 and <= 2.0.1)
  • OR cpe:/a:vmware:player:*:*:*:*:*:*:*:* (Version >= 1.0.0 and <= 1.0.5)
  • OR cpe:/a:vmware:player:*:*:*:*:*:*:*:* (Version >= 2.0 and <= 2.0.1)
  • OR cpe:/a:vmware:server:*:*:*:*:*:*:*:* (Version >= 1.0 and <= 1.0.4)
  • OR cpe:/a:vmware:workstation:*:*:*:*:*:*:*:* (Version >= 5 and <= 5.5.5)
  • OR cpe:/a:vmware:workstation:*:*:*:*:*:*:*:* (Version >= 6.0 and <= 6.0.1)

  • Configuration 2:
  • cpe:/o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:vmware:workstation:5.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:1.0.3_build_54075:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:ace:2.0.1_build_55017:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:server:1.0.4_build_56528:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5.5_build_56455:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:6.0.1_build_55017:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:5.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:6.0.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06:*:lts:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:16767
    P
    USN-543-1 -- linux-restricted-modules-2.6.17/20, vmware-player-kernel-2.6.15 vulnerabilities
    2014-06-30
    BACK
    vmware ace *
    vmware ace *
    vmware player *
    vmware player *
    vmware server *
    vmware workstation *
    vmware workstation *
    canonical ubuntu linux 6.06
    canonical ubuntu linux 6.10
    canonical ubuntu linux 7.04
    vmware workstation 5.5.1
    vmware workstation 6.0
    vmware ace 1.0
    vmware ace 1.0.3_build_54075
    vmware ace 2.0.1_build_55017
    vmware server 1.0.4_build_56528
    vmware workstation 5.5
    vmware workstation 5.5.3
    vmware workstation 5.5.3_build_34685
    vmware workstation 5.5.5_build_56455
    vmware workstation 6.0.1_build_55017
    vmware workstation 5.5.5
    vmware workstation 6.0.1
    gentoo linux *
    canonical ubuntu 6.06
    canonical ubuntu 7.04