HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\.\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-06-05T20:21:00
Updated: 2024-08-07T15:39:13.584Z
Reserved: 2007-10-23T00:00:00
Link: CVE-2007-5671
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-06-05T20:32:00.000
Modified: 2024-11-21T00:38:25.913
Link: CVE-2007-5671
Redhat
No data.