Description
Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious "program.exe" file in the C: folder.
Affected products
- Canonical / Ubuntu Linux7.04 – 7.04
- Canonical / Ubuntu Linux6.06 – 6.06
- Canonical / Ubuntu Linux6.10 – 6.10
- VMware / ace1.0 – 1.0.3
- VMware / player1.0.0 – 1.0.5
- VMware / server1.0 – 1.0.4
- VMware / Workstation5 – 5.5.5
References
- VENDOR_ADVISORYhttp://www.vmware.com/support/server/doc/releasenotes_server.html
- VENDOR_ADVISORYhttp://www.vmware.com/support/player2/doc/releasenotes_player2.html
- VENDOR_ADVISORYhttp://www.vmware.com/support/ace/doc/releasenotes_ace.html
- VENDOR_ADVISORYhttp://www.vmware.com/support/player/doc/releasenotes_player.html
- VENDOR_ADVISORYhttp://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
- MISChttp://www.securityfocus.com/bid/25732
- VENDOR_ADVISORYhttp://www.vmware.com/support/ws55/doc/releasenotes_ws55.html