Intrusion Prevention

VMware.IntraProcessLogging.dll.File.Overwrite

Description

The ActiveX control in IntraProcessLogging.dll in VMware has an arbitrary file overwrite vulnerability. A remote attacker could create or overwrite arbitrary files via the argument to the SetLogFileName method.

Affected Products

IntraProcessLogging.dll 5.5.3.42958 in VMware.

Impact

File Manipulation.

Recommended Actions

Currently we are not aware of any official supplied fix for this issue.

CVE References

CVE-2007-4059