CVE-2007-1056 Information

Feb 14, 2021 cve

Description

VMware Workstation 5.5.3 build 34685 does not provide per-user restrictions on certain privileged actions which allows local users to perform restricted operations such as changing system time accessing hardware components and stopping the \VMware tools service\ service. NOTE: exploitation is simplified via (1) weak file permissions (Users = Read & Execute) for PROGRAMFILES\VMware; and weak registry key permissions (access by Users) for (2) vmmouse (3) vmscsi (4) VMTools (5) vmx_svga and (6) vmxnet in HKLM\SYSTEM\CurrentControlSet\Services\; which allows local users to perform various privileged actions outside of the guest OS by executing certain files under PROGRAMFILES\VMware\VMware Tools as demonstrated by (a) VMControlPanel.cpl and (b) vmwareservice.exe.

Reference

http://osvdb.org/45244 http://securityreason.com/securityalert/2281 http://www.securityfocus.com/archive/1/460664/100/0/threaded http://www.securityfocus.com/archive/1/461807/100/0/threaded

Share on: