Page 10 of 48 results (0.010 seconds)

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 1

Buffer overflow in an ActiveX control in VMWare 5.5.1 allows local users to execute arbitrary code via a long VmdbDb parameter to the Initialize function. Desbordamiento de búfer en un control ActiveX en VMWare 5.5.1 permite a atacantes locales ejecutar código de su elección mediante un parámetro largo VmdbDb en la función Initialize. • https://www.exploit-db.com/exploits/2264 http://securityreason.com/securityalert/2008 http://www.open-security.org/advisories/17 http://www.securityfocus.com/archive/1/452746/100/100/threaded http://www.securityfocus.com/archive/1/452775/100/100/threaded http://www.securityfocus.com/bid/19732 •

CVSS: 3.6EPSS: 0%CPEs: 11EXPL: 0

vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key. vmware-config.pl en VMware for Linux, ESX Server 2.x, y Infrastructure 3 no valida el código de retorno desde la llamada a la función Perl chmod, lo cual podría permitir un fichero llave SSL sea creado con una umask no segura que permite a usuarios locales leer o modificar la llave SSL. • http://kb.vmware.com/kb/2467205 http://secunia.com/advisories/21120 http://secunia.com/advisories/23680 http://securitytracker.com/id?1016536 http://www.osvdb.org/27418 http://www.securityfocus.com/archive/1/440583/100/0/threaded http://www.securityfocus.com/archive/1/441082/100/0/threaded http://www.securityfocus.com/archive/1/456546/100/200/threaded http://www.securityfocus.com/bid/19060 http://www.securityfocus.com/bid/19062 http://www.vmware.com/support/esx2 •

CVSS: 10.0EPSS: 95%CPEs: 20EXPL: 1

Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html http://secunia.com/advisories/18162 http://secunia.com/advisories/18344 http://securityreason.com/securityalert/282 http://securityreason.com/securityalert/289 http://securitytracker.com/id?1015401 http://www.gentoo.org/security/en/glsa/glsa-200601-04.xml http://www.kb.cert.org/vuls/id/856689 http://www.securityfocus.com/archive/1/419997/100/0/threaded http://www.securityfocus.com/archive/1/420017/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •