ActiveX Control Vulnerability in VMware Products
CVE-2007-5438

Currently unrated

Key Information:

Vendor: Vmware
Status: Vmware Player; Ace; Vmware Server; Vmware Workstation
Vendor: CVE Published:; 13 October 2007

Summary

An unspecified vulnerability exists within an ActiveX control in the Reconfig.DLL of various VMware products that may allow local users to trigger a denial of service to the Virtual Disk Mount Service (vmount2.exe). This vulnerability is linked to the ConnectPopulatedDiskEx function, affecting multiple versions of VMware Workstation, Player, ACE, and Server, necessitating prompt attention to ensure system integrity and operational continuity.

References

http://osvdb.org/43488

vdb-entryx_refsource_OSVDB

http://securityreason.com/securityalert/3219

third-party-advisoryx_refsource_SREASON

http://www.vmware.com/security/advisories/VMSA-2008-0014....

x_refsource_CONFIRM

Timeline

Vulnerability published
Oct 13, 2007
Vulnerability Reserved
Oct 12, 2007