3 results (0.022 seconds)

CVSS: 4.6EPSS: 0%CPEs: 71EXPL: 0

Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors. Vulnerabilidad no especificada en un controlado de dispositivo virtual invitado en VMware Workstation versiones anteriores a v5.5.9 build 126128, y v6.5.1 y versiones anteriores 6.x ; VMware Player versiones anteriores a v1.0.9 build 126128, y v2.5.1 y versiones anteriores 2.x; VMware ACE versiones anteriores a v1.0.8 build 125922, y v2.5.1 y versiones anteriores 2.x; VMware Server 1.x versiones anteriores a v1.0.8 build 126538 y 2.0.x versiones anteriores a v2.0.1 build 156745; VMware Fusion versiones anteriore a v2.0.1; VMware ESXi v3.5; y VMware ESX 3.0.2, v3.0.3, y v3.5 permite a usuarios del sistema operativo visitantes provocar una denegación de servicio (caída del sistema operativo host) a través de vectores desconocidos. • http://lists.vmware.com/pipermail/security-announce/2009/000054.html http://seclists.org/fulldisclosure/2009/Apr/0036.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.securityfocus.com/bid/34373 http://www.securitytracker.com/id?1021973 http://www.vmware.com/security/advisories/VMSA-2009-0005.html http://www.vupen.com/english/advisories/2009/0944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439 •

CVSS: 5.0EPSS: 6%CPEs: 41EXPL: 2

vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command. En la biblioteca vmwarebase.dll, tal y como es usado en el servicio vmware-authd (también se conoce como vmware-authd.exe), en VMware Workstation versión 6.5.1 build 126130, versión 6.5.1 y anteriores; VMware Player versión 2.5.1 build 126130, versión 2.5.1 y anteriores; VMware ACE versión 2.5.1 y anteriores; VMware Server versiones 2.0.x anteriores a 2.0.1 build 156745; y VMware Fusion anterior a versión 2.0.2 build 147997, permite a atacantes remotos causar una denegación de servicio (bloqueo del demonio) por medio de un comando largo (1) USUARIO o (2) PASS. • https://www.exploit-db.com/exploits/7647 http://lists.vmware.com/pipermail/security-announce/2009/000054.html http://osvdb.org/51180 http://seclists.org/fulldisclosure/2009/Apr/0036.html http://secunia.com/advisories/33372 http://secunia.com/advisories/34601 http://www.securityfocus.com/bid/34373 http://www.securitytracker.com/id?1021512 http://www.vmware.com/security/advisories/VMSA-2009-0005.html http://www.vupen.com/english/advisories/2009/0024 http://www.vupen.com/ • CWE-399: Resource Management Errors •

CVSS: 1.9EPSS: 0%CPEs: 52EXPL: 0

Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the ConnectPopulatedDiskEx function. Vulnerabilidad no especificada en un cierto control ActiveX en Reconfig.DLL en VMware Workstation 5.5.x anteriores al 5.5.8 build 108000, VMware Workstation versiones 6.0.x anteriores a 6.0.5 build 109488, VMware Player versiones 1.x anteriores a 1.0.8 build 108000, VMware Player versiones 2.x anteriores a 2.0.5 build 109488, VMware ACE versiones 1.x anteriores a 1.0.7 build 108880, VMware ACE versiones 2.x anteriores a 2.0.5 build 109488 y VMware Server versiones anteriores a 1.0.7 build 108231, podría permitir a usuarios locales una denegación de servicio al Virtual Disk Mount Service (vmount2.exe), relacionado con la función ConnectPopulatedDiskEx. • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html http://osvdb.org/43488 http://secunia.com/advisories/31707 http://secunia.com/advisories/31708 http://secunia.com/advisories/31709 http://secunia.com/advisories/31710 http://securityreason.com/securityalert/3219 http://www.eleytt.com/advisories/eleytt_VMWARE1.pdf http://www.securityfocus.com/archive/1/482021/100/0/threaded http://www.securityfocus.com/archive/1/495869/100/0/threaded http://www.secur • CWE-20: Improper Input Validation •