Integer Underflow Vulnerability in VMware Products
CVE-2007-0063

Currently unrated

Key Information:

Vendor

Vmware
Status
Workstation
Player
Ace
Esx
Vendor
CVE Published:
21 September 2007

What is CVE-2007-0063?

The VMware DHCP server, across multiple products and versions, is susceptible to an integer underflow vulnerability that leads to remote code execution. Attackers can exploit this flaw by sending a specially crafted DHCP packet, which triggers a stack-based buffer overflow, potentially allowing the execution of arbitrary code on vulnerable systems. This necessitates careful monitoring and prompt updates to mitigate the security risks associated with this vulnerability.

References

http://lists.grok.org.uk/pipermail/full-disclosure/2007-S...
mailing-listx_refsource_FULLDISC
http://www.securityfocus.com/bid/25729
vdb-entryx_refsource_BID
http://security.gentoo.org/glsa/glsa-200711-23.xml
vendor-advisoryx_refsource_GENTOO

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.