CVE-2007-5617 - OpenCVE

Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Vmware	Workstation Player

Configuration 1 [-]

OR	cpe:2.3:a:vmware:player::::::::
	cpe:2.3:a:vmware:player::::::::
	cpe:2.3:a:vmware:workstation::::::::
	cpe:2.3:a:vmware:workstation::::::::

References

Link	Resource
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html	Third Party Advisory
http://secunia.com/advisories/26890	Third Party Advisory
http://secunia.com/advisories/27706	Third Party Advisory
http://security.gentoo.org/glsa/glsa-200711-23.xml	Third Party Advisory
http://www.vmware.com/support/player/doc/releasenotes_player.html	Patch Vendor Advisory
http://www.vmware.com/support/player2/doc/releasenotes_player2.html	Patch Vendor Advisory
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html	Patch Vendor Advisory
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html	Patch Vendor Advisory
http://www.vupen.com/english/advisories/2007/3229	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-10-21T21:00:00

Updated: 2007-11-15T10:00:00

Reserved: 2007-10-21T00:00:00

Link: CVE-2007-5617

JSON object: View

NVD Information

Status : Analyzed

Published: 2007-10-21T21:17:00.000

Modified: 2018-10-26T14:17:00.557

Link: CVE-2007-5617

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-09-20T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-11-15T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"name": "GLSA-200711-23", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"}, {"name": "ADV-2007-3229", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"}, {"name": "26890", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26890"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"}, {"name": "27706", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27706"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5617", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"name": "GLSA-200711-23", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"}, {"name": "ADV-2007-3229", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"}, {"name": "26890", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26890"}, {"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"}, {"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"}, {"name": "27706", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27706"}, {"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5617", "datePublished": "2007-10-21T21:00:00", "dateReserved": "2007-10-21T00:00:00", "dateUpdated": "2007-11-15T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*", "matchCriteriaId": "EEAB76F0-194A-49C2-9B11-40626D5FE144", "versionEndExcluding": "1.0.5", "versionStartIncluding": "1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*", "matchCriteriaId": "35A00737-2932-4877-8E02-1F9534C6FBAE", "versionEndExcluding": "2.0.1", "versionStartIncluding": "2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", "matchCriteriaId": "27920879-1408-4514-BA3F-B31DD69FACA2", "versionEndExcluding": "5.5.5", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", "matchCriteriaId": "1ACA1016-EAC5-4210-ABDC-C2499F2841EA", "versionEndExcluding": "6.0.1", "versionStartIncluding": "6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en el VMware Player 1.0.x anterior a la 1.0.5 y la 2.0 anterior a la 2.0.1;y el Workstation 5.x anterior a la 5.5.5 y la 6.x anterior a la 6.0.1, evitando su lanzamiento, lo que tiene un impacto desconocido, relacionado con las im\u00e1genes de m\u00e1quina virtual no confiables."}], "id": "CVE-2007-5617", "lastModified": "2018-10-26T14:17:00.557", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-10-21T21:17:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/26890"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/27706"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3229"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}