CVE-2007-5618

Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs.

Published: Oct 21, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-5618
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
vmware / player	1.0.0	1.0.5
vmware / workstation	5.5	5.5.5
vmware / workstation	6.0	6.0.1
vmware / player	2.0	2.0.1
vmware / server	-	1.0.4

http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
http://secunia.com/advisories/26890
http://www.securityfocus.com/archive/1/489739/100/0/threaded
http://www.securityfocus.com/bid/28276
http://www.securityfocus.com/bid/28289
http://www.vmware.com/security/advisories/VMSA-2008-0005.html
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
http://www.vmware.com/support/player/doc/releasenotes_player.html
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
http://www.vmware.com/support/server/doc/releasenotes_server.html
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
http://www.vupen.com/english/advisories/2007/3229
http://www.vupen.com/english/advisories/2008/0905/references

Vulnerability Database

289,599

CVE-2007-5618