CVE-2007-5671

{"id": "CVE-2007-5671", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.4, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2008-06-05T20:32:00.000", "references": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/30556", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/3922", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1020197", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/493148/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/493172/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/1744", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688", "source": "cve@mitre.org"}, {"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/30556", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/3922", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1020197", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/493148/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/493172/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/1744", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\\\.\\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges."}, {"lang": "es", "value": "HGFS.sys en el VMware Tools package en VMware Workstation 5.x anterior a 5.5.6 build 80404, VMware Player anterior a 1.0.6 build 80404, VMware ACE anterior a 1.0.5 build 79846, VMware Server anterior a 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2, no valida correctamente argumentos en el modo de usuario METHOD_NEITHER IOCTLs hacia \\\\.\\hgfs, lo que permite al sistema operativo huesped, modificar ubicaciones de memoria de su elecci\u00f3n en el n\u00facleo de la memoria del sistema huesped y as\u00ed obtener privilegios."}], "lastModified": "2024-11-21T00:38:25.913", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:ace:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "700C0BB4-2272-4405-9D9A-A636E3D22461"}, {"criteria": "cpe:2.3:a:vmware:ace:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFC82A8C-E561-4E35-A84D-66A4D6C90264"}, {"criteria": "cpe:2.3:a:vmware:ace:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D346E48-887C-4D02-BFD3-D323B7F3871C"}, {"criteria": "cpe:2.3:a:vmware:ace:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9C6150A-2DF3-4F7B-B024-0F3DBB686124"}, {"criteria": "cpe:2.3:a:vmware:ace:1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40192EE1-A300-42C3-BC98-286C9E5A281E"}, {"criteria": "cpe:2.3:a:vmware:esx_server:2.5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8ADCA876-2B69-4267-8467-E7E470428D32"}, {"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE"}, {"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D"}, {"criteria": "cpe:2.3:a:vmware:vmware_player:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3771AFCF-E247-427A-8076-9E36EA457658"}, {"criteria": "cpe:2.3:a:vmware:vmware_player:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17C124AC-C421-459E-8251-E7B3BD33874B"}, {"criteria": "cpe:2.3:a:vmware:vmware_player:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65DD6966-72EA-4C4D-BC90-B0D534834BA8"}, {"criteria": "cpe:2.3:a:vmware:vmware_player:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBFC9B7A-8A40-467B-9102-EE5259EC4D14"}, {"criteria": "cpe:2.3:a:vmware:vmware_player:1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB9565E5-042E-4C62-A7C7-54808B15F0BE"}, {"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8230EFE6-8AB6-41DF-9A46-CAE4E5BB7F2E"}, {"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B2C792F-48DA-46B5-B42E-9A045B393531"}, {"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6"}, {"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370"}, {"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "270D5FAD-A226-4F6F-BF0B-2C6D91C525D1"}, {"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "504CD24F-2EC6-45C0-8E46-69BAE8483521"}, {"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F"}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "294B621F-6C1A-4571-AE13-49495680D255"}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BA47458-E783-4A6A-ABF1-59E8D87E9B33"}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291"}, {"criteria": "cpe:2.3:o:vmware:esx:2.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1BA6DF4-4D53-482A-8820-B9B0E6EBD51D"}, {"criteria": "cpe:2.3:o:vmware:esx:3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "974D84A6-F5AB-4F0A-B9B5-9095A0E4733C"}, {"criteria": "cpe:2.3:o:vmware:esx:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C3613B7-CA1B-4C9A-9076-A2894202DDA4"}, {"criteria": "cpe:2.3:o:vmware:esx:3.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE7ECF1C-285C-4AA3-8B66-28EDAB0763E8"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}