CVE-2007-4497 — MEDIUM (5.5)

Q: How severe is CVE-2007-4497?

CVE-2007-4497 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2007-4497?

Check the references section above for vendor advisories and patch information. Affected products include: Vmware Ace, Vmware Player, Vmware Server, Vmware Workstation, Canonical Ubuntu Linux.

Vulnerability Description

Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors.

CVSS Score

5.5

MEDIUM

AV:A/AC:L/Au:S/C:N/I:N/A:C

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Vmware	Ace	>= 1.0, <= 1.0.3
Vmware	Player	>= 1.0.0, <= 1.0.5
Vmware	Server	>= 1.0, <= 1.0.4
Vmware	Workstation	>= 5, <= 5.5.5
Canonical	Ubuntu Linux	6.06

Related Weaknesses (CWE)

CWE-264

References

http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.htmlThird Party Advisory
http://secunia.com/advisories/26890Third Party Advisory
http://secunia.com/advisories/27694Third Party Advisory
http://secunia.com/advisories/27706Third Party Advisory
http://security.gentoo.org/glsa/glsa-200711-23.xmlThird Party Advisory
http://www.securityfocus.com/bid/25731PatchThird Party AdvisoryVDB Entry
http://www.securitytracker.com/id?1018718Third Party AdvisoryVDB Entry
http://www.ubuntu.com/usn/usn-543-1Third Party Advisory
http://www.vmware.com/support/ace/doc/releasenotes_ace.htmlPatchVendor Advisory
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.htmlPatchVendor Advisory
http://www.vmware.com/support/player/doc/releasenotes_player.htmlPatchVendor Advisory
http://www.vmware.com/support/player2/doc/releasenotes_player2.htmlPatchVendor Advisory
http://www.vmware.com/support/server/doc/releasenotes_server.htmlPatchVendor Advisory
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.htmlPatchVendor Advisory
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.htmlPatchVendor Advisory

FAQ

What is CVE-2007-4497?

CVE-2007-4497 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 B...

How severe is CVE-2007-4497?

CVE-2007-4497 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-4497?

Check the references section above for vendor advisories and patch information. Affected products include: Vmware Ace, Vmware Player, Vmware Server, Vmware Workstation, Canonical Ubuntu Linux.