mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
1.1 KiB
1.1 KiB
CVE-2007-4155
Description
Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first two arguments to the (1) CreateProcess or (2) CreateProcessEx method.
POC
Reference
- http://www.vmware.com/support/ace/doc/releasenotes_ace.html
- http://www.vmware.com/support/player/doc/releasenotes_player.html
- http://www.vmware.com/support/player2/doc/releasenotes_player2.html
- http://www.vmware.com/support/server/doc/releasenotes_server.html
- http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
- http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
- https://www.exploit-db.com/exploits/4245
Github
No PoCs found on GitHub currently.