Lucene search

[email protected]CVE-2006-3547

HistoryJul 13, 2006 - 12:05 a.m.

CVE-2006-3547

2006-07-1300:05:00

[email protected]

web.nvd.nist.gov

emc

vmware

player

dos

denial of service

ide1:0.filename

.vmx file

virtual machine

nvd

cve-2006-3547

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.3%

JSON

EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed

Affected configurations

NVD

Node

vmwareplayer

CPENameOperatorVersion
vmware:playervmware playereq*

CPE	Name	Operator	Version
vmware:player	vmware player	eq	*

References

www.osvdb.org/27524

www.securityfocus.com/archive/1/437756/100/200/threaded

www.securityfocus.com/archive/1/437806/100/200/threaded

www.securityfocus.com/archive/1/437809/100/200/threaded

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.3%

JSON

Related for CVE-2006-3547

cvelist1 nvd1