CVE-2007-5618

{"id": "CVE-2007-5618", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-10-21T21:17:00.000", "references": [{"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26890", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/28276", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/28289", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/3229", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/0905/references", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/26890", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/28276", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/28289", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/3229", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/0905/references", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs."}, {"lang": "es", "value": "Una ruta de b\u00fasqueda en Windows sin cerrar las comillas en el servicio Authorization y en otros servicios en el VMware Player 1.0.x anterior al 1.0.5 y el 2.0 anterior al 2.0.1, en el VMware Server anterior al 1.0.4; y en el Workstation 5.x anterior al 5.5.5 y el 6.x anterior al 6.0.1, puede permitir a usuarios locales obtener privilegios a trav\u00e9s de programas maliciosos."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEAB76F0-194A-49C2-9B11-40626D5FE144", "versionEndExcluding": "1.0.5", "versionStartIncluding": "1.0.0"}, {"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35A00737-2932-4877-8E02-1F9534C6FBAE", "versionEndExcluding": "2.0.1", "versionStartIncluding": "2.0"}, {"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E09F612-579E-43BA-95C6-7D910A0CFA56", "versionEndExcluding": "1.0.4"}, {"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27920879-1408-4514-BA3F-B31DD69FACA2", "versionEndExcluding": "5.5.5", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1ACA1016-EAC5-4210-ABDC-C2499F2841EA", "versionEndExcluding": "6.0.1", "versionStartIncluding": "6.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}