HIGH🇵🇱 Wersja polska

CVE-2007-0063

CVSS 10.0v2.0pub. 2007-09-21upd. 2026-04-23

Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Canonical Ubuntu

    OS
    Canonical
    6.066.107.04
  • VMware Ace

    APP
    Vmware
    1.0 – 1.0.3 (bez)2.0 – 2.0.1 (bez)
  • VMware Esx

    OS
    Vmware
    2.0.22.1.32.5.32.5.43.0.03.0.1
  • VMware Player

    APP
    Vmware
    1.0 – 1.0.5 (bez)2.0 – 2.0.1 (bez)
  • VMware Server

    APP
    Vmware
    1.0 – 1.0.4 (bez)
  • VMware Workstation

    APP
    Vmware
    5.5 – 5.5.5 (bez)6.0 – 6.0.1 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2025-22224CRITICAL9.3⚠ KEVPL ✓ten sam produkt

VMware ESXi/Workstation: TOCTOU umożliwia ucieczkę z VM przez VMX process

CVE-2022-0543CRITICAL10.0⚠ KEVten sam produkt

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debia...

CVE-2020-11651CRITICAL9.8⚠ KEVten sam produkt

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process Clea...

CVE-2020-7247CRITICAL9.8⚠ KEVten sam produkt

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote att...