CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 0CVE-2007-5397
https://notcve.org/view.php?id=CVE-2007-5397
Heap-based buffer overflow in the activePDF Server service (aka APServer.exe) in activePDF Server 3.8.4 and 3.8.5.14, and possibly other versions before 3.8.6.16, allows remote attackers to execute arbitrary code via a packet with a size field that is less than the actual size of the data. Desbordamiento de búfer basado en montículo en el servicio activePDF Server (también conocido como APServer.exe) en activePDF Server 3.8.4 y 3.8.5.14, y posiblemente versiones anteriores a 3.8.6.16, que permite a atacantes remotos ejecutar código de su elección a través de un paquete con un tamaño de campo que es menor que el tamaño de datos actual. • http://secunia.com/advisories/27371 http://secunia.com/secunia_research/2007-87/advisory http://www.securityfocus.com/bid/28013 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 1.9EPSS: 0%CPEs: 52EXPL: 0CVE-2007-5438
https://notcve.org/view.php?id=CVE-2007-5438
Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the ConnectPopulatedDiskEx function. Vulnerabilidad no especificada en un cierto control ActiveX en Reconfig.DLL en VMware Workstation 5.5.x anteriores al 5.5.8 build 108000, VMware Workstation versiones 6.0.x anteriores a 6.0.5 build 109488, VMware Player versiones 1.x anteriores a 1.0.8 build 108000, VMware Player versiones 2.x anteriores a 2.0.5 build 109488, VMware ACE versiones 1.x anteriores a 1.0.7 build 108880, VMware ACE versiones 2.x anteriores a 2.0.5 build 109488 y VMware Server versiones anteriores a 1.0.7 build 108231, podría permitir a usuarios locales una denegación de servicio al Virtual Disk Mount Service (vmount2.exe), relacionado con la función ConnectPopulatedDiskEx. • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html http://osvdb.org/43488 http://secunia.com/advisories/31707 http://secunia.com/advisories/31708 http://secunia.com/advisories/31709 http://secunia.com/advisories/31710 http://securityreason.com/securityalert/3219 http://www.eleytt.com/advisories/eleytt_VMWARE1.pdf http://www.securityfocus.com/archive/1/482021/100/0/threaded http://www.securityfocus.com/archive/1/495869/100/0/threaded http://www.secur • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 29%CPEs: 19EXPL: 0CVE-2007-0062
https://notcve.org/view.php?id=CVE-2007-0062
Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients. Un desbordamiento enteros en el dhcpd ISC versión 3.0.x anterior a 3.0.7 y versión 3.1.x anterior a 3.1.1; y el servidor DHCP en EMC VMware Workstation anterior a versión 5.5.5 Build 56455 y versión 6.x anterior a 6.0.1 Build 55017, Player anterior a versión 1.0.5 Build 56455 y Player 2 anterior a versión 2.0.1 Build 55017, ACE anterior a versión 1.0.3 Build 54075 y ACE 2 anterior a versión 2.0.1 Build 55017, y Server versión 1.0.4 56528; permite a los atacantes remotos causar una denegación de servicio (bloqueo del demonio) o ejecutar código arbitrario por medio de un paquete DHCP con formato inapropiado con un gran tamaño de mensaje máximo dhcp que desencadena un desbordamiento de búfer en la región stack de la memoria, relacionado con servidores configurados para enviar muchas opciones DHCP a clientes. • http://bugs.gentoo.org/show_bug.cgi?id=227135 http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html http://secunia.com/advisories/26890 http://secunia.com/advisories/27694 http://secunia.com/advisories/27706 http://secunia.com/advisories/31396 http://secunia.com/advisories/34263 http://security.gentoo.org/glsa/glsa-200711-23.xml http://security.gentoo.org/glsa/glsa-200808-05.xml&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 3.6EPSS: 0%CPEs: 11EXPL: 0CVE-2006-3589
https://notcve.org/view.php?id=CVE-2006-3589
vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key. vmware-config.pl en VMware for Linux, ESX Server 2.x, y Infrastructure 3 no valida el código de retorno desde la llamada a la función Perl chmod, lo cual podría permitir un fichero llave SSL sea creado con una umask no segura que permite a usuarios locales leer o modificar la llave SSL. • http://kb.vmware.com/kb/2467205 http://secunia.com/advisories/21120 http://secunia.com/advisories/23680 http://securitytracker.com/id?1016536 http://www.osvdb.org/27418 http://www.securityfocus.com/archive/1/440583/100/0/threaded http://www.securityfocus.com/archive/1/441082/100/0/threaded http://www.securityfocus.com/archive/1/456546/100/200/threaded http://www.securityfocus.com/bid/19060 http://www.securityfocus.com/bid/19062 http://www.vmware.com/support/esx2 •
CVSS: 10.0EPSS: 95%CPEs: 20EXPL: 1CVE-2005-4459
https://notcve.org/view.php?id=CVE-2005-4459
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html http://secunia.com/advisories/18162 http://secunia.com/advisories/18344 http://securityreason.com/securityalert/282 http://securityreason.com/securityalert/289 http://securitytracker.com/id?1015401 http://www.gentoo.org/security/en/glsa/glsa-200601-04.xml http://www.kb.cert.org/vuls/id/856689 http://www.securityfocus.com/archive/1/419997/100/0/threaded http://www.securityfocus.com/archive/1/420017/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •