CVE-2007-5023
CVSS 6.9 - MEDIUM
Description
Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious "program.exe" file in the C: folder.
Affected Products
9| Vendor | Product | Version |
|---|---|---|
| vmware | ace |
All versions
|
| vmware | player |
All versions
|
| vmware | player |
All versions
|
| vmware | server |
All versions
|
| vmware | workstation |
All versions
|
| vmware | workstation |
All versions
|
| canonical | ubuntu_linux |
6.06
|
| canonical | ubuntu_linux |
6.10
|
| canonical | ubuntu_linux |
7.04
|
References
Weakness Types
CWE-264
CVE Information
- CVE ID:
CVE-2007-5023- Published:
- 2007-09-21
- Modified:
- 2026-04-23
- CVSS Score:
- 6.9
- Severity:
- MEDIUM
- Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C
Affected Vendors
canonical
vmware
Quick Actions
CVSS Severity Scale
0.0 - 3.9
LOW
4.0 - 6.9
MEDIUM
7.0 - 8.9
HIGH
9.0 - 10.0
CRITICAL