CVE-2007-1337

The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/35508
http://secunia.com/advisories/25079
http://www.securityfocus.com/archive/1/467936/30/6690/threaded
http://www.securityfocus.com/archive/1/469011/30/6510/threaded
http://www.securityfocus.com/bid/23732
http://www.securitytracker.com/id?1018011
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554	Patch
http://www.vupen.com/english/advisories/2007/1592
https://exchange.xforce.ibmcloud.com/vulnerabilities/33990

Configurations

Configuration 1 (hide)

cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-05-02 19:19

Updated : 2023-12-10 10:40

NVD link : CVE-2007-1337

Mitre link : CVE-2007-1337

CVE.ORG link : CVE-2007-1337

JSON object : View

Products Affected

vmware

workstation

CWE

NVD-CWE-Other

{"id": "CVE-2007-1337", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-05-02T19:19:00.000", "references": [{"url": "http://osvdb.org/35508", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25079", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/467936/30/6690/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/469011/30/6510/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/23732", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1018011", "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/1592", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33990", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors."}, {"lang": "es", "value": "El proceso de m\u00e1quina virtual (VMX) en VMware Workstation anterior a 5.5.4 no lee adecuadamente la informaci\u00b4no de estado cuando pasa del estado ACPI de suspensi\u00f3n a ejecuci\u00f3n, lo cual permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de la m\u00e1quina virtual) mediante vectores desconocidos."}], "lastModified": "2018-10-16T16:37:59.657", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D38CD779-4FA1-4367-85FA-44049EC567E9", "versionEndIncluding": "5.5.3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}