CVE-2007-4155
CVE-2007-4155
Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first two arguments to the (1) CreateProcess or (2) CreateProcessEx method.
Affected products
n/a · n/apublic PoCs found — 1
cve_referencewww.exploit-db.com/exploits/4245unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.htmlhttp://secunia.com/advisories/26890https://exchange.xforce.ibmcloud.com/vulnerabilities/35670https://www.exploit-db.com/exploits/4245http://www.securityfocus.com/bid/25131http://www.securitytracker.com/id?1018511http://www.vmware.com/support/ace2/doc/releasenotes_ace2.htmlhttp://www.vmware.com/support/ace/doc/releasenotes_ace.htmlhttp://www.vmware.com/support/player2/doc/releasenotes_player2.htmlhttp://www.vmware.com/support/player/doc/releasenotes_player.htmlhttp://www.vmware.com/support/server/doc/releasenotes_server.htmlhttp://www.vmware.com/support/ws55/doc/releasenotes_ws55.html