Intrusion PreventionVMware.Vielib.ActiveX.Control.Remote.Code.Execution
Description
VMware contains multiple remote code execution vulnerabilities in the 'vielib.dll' ActiveX control. They are a result of the CreateProcess() and CreateProcessEx() functions not validating their arguments. They can be exploited by an attacker, via specially crafted HTML, to execute arbitrary code on a victim's computer with the privileges of the target user.
Affected Products
VMWare Workstation 6.0
VMWare Workstation 5.5.4
VMWare Server 1.0.3
VMWare Player 2.0
VMWare Player 1.0.4
VMWare ACE 2.0
VMWare ACE 1.0.3
Impact
System compromise: arbitrary code execution.
Recommended Actions
VMware Workstation 6.0.0 upgrade to version 6.0.1
VMware Workstation 5.5.4 upgrade to version 5.5.5
VMware Player 2.0.0 upgrade to version 2.0.1
VMware Player 1.0.4 upgrade to version 1.0.5
VMware Server 1.0.3 upgrade to version 1.0.4
VMware ACE 2.0.0 upgrade to version 2.0.1
VMware ACE 1.0.3 upgrade to version 1.0.4
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-12-11 | 16.978 |
| ID | 15049 |
| Created | Oct 11, 2007 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2007-4155 |
| Exploit Prediction Score | 28.09% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |