CVE-2006-6410

Buffer overflow in an ActiveX control in VMWare 5.5.1 allows local users to execute arbitrary code via a long VmdbDb parameter to the Initialize function.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://securityreason.com/securityalert/2008
http://www.open-security.org/advisories/17	Vendor Advisory
http://www.securityfocus.com/archive/1/452746/100/100/threaded
http://www.securityfocus.com/archive/1/452775/100/100/threaded
http://www.securityfocus.com/bid/19732
https://www.exploit-db.com/exploits/2264

Configurations

Configuration 1 (hide)

cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-12-10 02:28

Updated : 2023-12-10 10:40

NVD link : CVE-2006-6410

Mitre link : CVE-2006-6410

CVE.ORG link : CVE-2006-6410

JSON object : View

Products Affected

vmware

workstation

CWE

NVD-CWE-Other

4.6 /10