CVE-2007-1337

The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554	Patch
http://secunia.com/advisories/25079
http://www.securitytracker.com/id?1018011
http://www.securityfocus.com/bid/23732
http://osvdb.org/35508
http://www.vupen.com/english/advisories/2007/1592
https://exchange.xforce.ibmcloud.com/vulnerabilities/33990
http://www.securityfocus.com/archive/1/469011/30/6510/threaded
http://www.securityfocus.com/archive/1/467936/30/6690/threaded

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*

Information

Published : 2007-05-02 12:19

Updated : 2018-10-16 09:37

NVD link : CVE-2007-1337

Mitre link : CVE-2007-1337

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

vmware

workstation

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554", "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/25079", "name": "25079", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.securitytracker.com/id?1018011", "name": "1018011", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/23732", "name": "23732", "tags": [], "refsource": "BID"}, {"url": "http://osvdb.org/35508", "name": "35508", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2007/1592", "name": "ADV-2007-1592", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33990", "name": "vmware-acpi-unspecified(33990)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/469011/30/6510/threaded", "name": "20070518 VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/467936/30/6690/threaded", "name": "20070507 VMSA-2007-0004 Multiple Denial-of-Service issues fixed", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-1337", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "HIGH", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2007-05-02T19:19Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "5.5.3"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-16T16:37Z"}