CyberSec.Space Logo
Back to CVE Browser

CVE-2007-0063

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1970%
EPSS Percentile6.06th
PublishedSep 21, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow.

Affected Platforms (CPE)

πŸ“¦
Vmware

Ace

>= 1.0 and < 1.0.3
πŸ“¦
Vmware

Ace

>= 2.0 and < 2.0.1
πŸ“¦
Vmware

Player

>= 1.0 and < 1.0.5
πŸ“¦
Vmware

Player

>= 2.0 and < 2.0.1
πŸ“¦
Vmware

Server

>= 1.0 and < 1.0.4
πŸ“¦
Vmware

Workstation

>= 5.5 and < 5.5.5
πŸ“¦
Vmware

Workstation

>= 6.0 and < 6.0.1
πŸ’»
Vmware

Esx

= 2.0.2
πŸ’»
Vmware

Esx

= 2.1.3
πŸ’»
Vmware

Esx

= 2.5.3
πŸ’»
Vmware

Esx

= 2.5.4
πŸ’»
Vmware

Esx

= 3.0.0
πŸ’»
Vmware

Esx

= 3.0.1
πŸ’»
Canonical

Ubuntu Linux

= 6.06
πŸ’»
Canonical

Ubuntu Linux

= 6.10
πŸ’»
Canonical

Ubuntu Linux

= 7.04

References & Advisories

πŸ”— http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
πŸ”— http://secunia.com/advisories/26890
πŸ”— http://secunia.com/advisories/27694
πŸ”— http://secunia.com/advisories/27706
πŸ”— http://security.gentoo.org/glsa/glsa-200711-23.xml
πŸ”— http://www.iss.net/threats/275.html
πŸ”— http://www.securityfocus.com/bid/25729
πŸ”— http://www.securitytracker.com/id?1018717

Related Vulnerabilities

CVE-2005-445910.0

Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, AC...

CVE-2007-006110.0

The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 564...

CVE-2021-3839710.0

Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an atta...

CVE-2007-006210.0

Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before ...