GSD-2007-1337

Vulnerability from gsd - Updated: 2023-12-13 01:21
Details
The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors.
Aliases
Aliases
CVE-2007-1337
To clipboard 

{
  "GSD": {
    "alias": "CVE-2007-1337",
    "description": "The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors.",
    "id": "GSD-2007-1337"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-1337"
      ],
      "details": "The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors.",
      "id": "GSD-2007-1337",
      "modified": "2023-12-13T01:21:39.528176Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-1337",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "vmware-acpi-unspecified(33990)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33990"
          },
          {
            "name": "23732",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/23732"
          },
          {
            "name": "ADV-2007-1592",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/1592"
          },
          {
            "name": "35508",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/35508"
          },
          {
            "name": "20070518 VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/469011/30/6510/threaded"
          },
          {
            "name": "25079",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25079"
          },
          {
            "name": "1018011",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1018011"
          },
          {
            "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554",
            "refsource": "CONFIRM",
            "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554"
          },
          {
            "name": "20070507 VMSA-2007-0004 Multiple Denial-of-Service issues fixed",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/467936/30/6690/threaded"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.5.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1337"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554"
            },
            {
              "name": "25079",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25079"
            },
            {
              "name": "1018011",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1018011"
            },
            {
              "name": "23732",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/23732"
            },
            {
              "name": "35508",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/35508"
            },
            {
              "name": "ADV-2007-1592",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/1592"
            },
            {
              "name": "vmware-acpi-unspecified(33990)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33990"
            },
            {
              "name": "20070518 VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/469011/30/6510/threaded"
            },
            {
              "name": "20070507 VMSA-2007-0004 Multiple Denial-of-Service issues fixed",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/467936/30/6690/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-16T16:37Z",
      "publishedDate": "2007-05-02T19:19Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.