CVE-2007-2491

Severity

72%

Complexity

39%

Confidentiality

165%

The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.34685 and VMware Server 1.0.1.29996 allows local users to write to arbitrary memory locations via a crafted poke to I/O port 0x1004, triggering a denial of service (virtual machine crash) or other unspecified impact, a related issue to CVE-2007-1337.

The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.34685 and VMware Server 1.0.1.29996 allows local users to write to arbitrary memory locations via a crafted poke to I/O port 0x1004, triggering a denial of service (virtual machine crash) or other unspecified impact, a related issue to CVE-2007-1337.

CVSS 2.0 Base Score 7.2. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

VMWare

First reported 17 years ago

2007-05-04 00:19:00

Last updated 13 years ago

2011-03-08 02:54:00

Affected Software

VMWare VMware Server 1.0.1.29996

1.0.1_build_29996

VMWare VMWare Workstation 5.5.3 build 34685

5.5.3_build_34685

References

40088

http://taviso.decsystem.org/virtsec.pdf

ADV-2007-1592

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.