10

CVE-2007-0062

Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients.

Data is provided by the National Vulnerability Database (NVD)
VMwareAce Version1.0.3
VMwareAce Version2.0
VMwarePlayer Version1.0.4
VMwarePlayer Version2.0
VMwareServer Version1.0.3
VMwareVmware Workstation Version6.0.1
VMwareWorkstation Version3.4
VMwareWorkstation Version4.0
VMwareWorkstation Version4.0.1
VMwareWorkstation Version4.0.2
VMwareWorkstation Version4.5.2
VMwareWorkstation Version5.5.0_build_13124
VMwareWorkstation Version5.5.1
VMwareWorkstation Version5.5.1_build_19175
VMwareWorkstation Version5.5.3_build_34685
VMwareWorkstation Version5.5.3_build_42958
VMwareWorkstation Version5.5.4
VMwareWorkstation Version5.5.4_build_44386
VMwareWorkstation Version6.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 5.4% 0.897
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.