CVE-2006-3547

MEDIUM

EMC VMware Player - DoS

Title source: llm

Description

EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed

References (4)

[Third Party Advisory, VDB Entry] http://www.osvdb.org/27524

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/437756/100/200/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/437806/100/200/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/437809/100/200/threaded

Scores

CVSS v3 5.5

EPSS 0.0039

EPSS Percentile 59.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

Status draft

Affected Products (1)

vmware/player

Timeline

Published Jul 13, 2006

Tracked Since Feb 18, 2026