CVE-2007-2491

high

VMware

CVSS v3 Base Score

7.2

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS Score

0.0%

Exploitation probability in 30 days

Top 88% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: May 4, 2007 (6950 days ago)

Last Modified: April 23, 2026

Vendor: VMware

Source: NVD

Description

The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.34685 and VMware Server 1.0.1.29996 allows local users to write to arbitrary memory locations via a crafted poke to I/O port 0x1004, triggering a denial of service (virtual machine crash) or other unspecified impact, a related issue to CVE-2007-1337.

CWE

NVD-CWE-Other

Affected Products

vmware servervmware workstation

References

🔗 osvdb.org 🔗 taviso.decsystem.org 🔗 www.vupen.com 🔗 osvdb.org 🔗 taviso.decsystem.org

CVE-2007-2491

Vulnerability Report

Description

CWE

Affected Products

References