nvd-json-data-feeds/CVE-2007/CVE-2007-50xx/CVE-2007-5023.json

{
  "id": "CVE-2007-5023",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2007-09-21T19:17:00.000",
  "lastModified": "2024-11-21T00:36:57.927",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious \"program.exe\" file in the C: folder."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de ruta (path) de b\u00fasqueda de Windows sin comillas en EMC VMware Workstation versiones anteriores a 5.5.5 Build 56455 y versiones 6.x anteriores a 6.0.1 Build 55017, Player versiones anteriores a 1.0.5 Build 56455 y Player versiones 2 anteriores a 2.0.1 Build 55017, ACE versiones anteriores a 1.0.3 Build 54075 y Server versiones anteriores a 1.0.4 Build 56528, permite a usuarios locales alcanzar privilegios por medio de vectores de ataque no especificados, posiblemente involucrando a un archivo malicioso \"program.exe\" en la carpeta C:."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "baseScore": 6.9,
          "accessVector": "LOCAL",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE"
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": true,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "1.0",
              "versionEndIncluding": "1.0.3",
              "matchCriteriaId": "5A98FBF6-45D0-48BC-8E24-8C7F136F53AB"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "1.0.0",
              "versionEndIncluding": "1.0.5",
              "matchCriteriaId": "FBF86A1B-FC17-4CB4-9F3C-726491C117BB"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "2.0",
              "versionEndIncluding": "2.0.1",
              "matchCriteriaId": "DA625B0B-2837-4B5A-9B36-FC77CF0748AC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "1.0",
              "versionEndIncluding": "1.0.4",
              "matchCriteriaId": "574C5392-7607-4F34-A661-CF618AA52BC4"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "5",
              "versionEndIncluding": "5.5.5",
              "matchCriteriaId": "CB7F4F51-A9B8-4CA9-AE2C-458E61DB9D47"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "6.0",
              "versionEndIncluding": "6.0.1",
              "matchCriteriaId": "40975D44-E804-4A1C-9577-18D7DE1051E5"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
              "matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.securityfocus.com/bid/25732",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/25732",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    }
  ]
}