Page 12 of 80 results (0.012 seconds)

CVSS: 10.0EPSS: 18%CPEs: 16EXPL: 0

CVE-2007-0063

https://notcve.org/view.php?id=CVE-2007-0063

Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow. Desbordamiento inferior de entero en el servidor DHCP de EMC VMware Workstation anterior a 5.5.5 Build 56455 y 5.x anterior a 6.0.1 Build 55017, Player anterior a 1.0.5 Build 56455 y Player 2 anterior a 2.0.1 Build 55017, ACE anterior a 1.0.3 Build 54075 y ACE 2 anterior a 2.0.1 Build 55017, y Server anterior a 1.0.4 Build 56527 permite a atacantes remotos ejecutar código de su elección mediante un paquete DHCP mal formado que dispara un desbordamiento de búfer basado en pila. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://secunia.com/advisories/26890 http://secunia.com/advisories/27694 http://secunia.com/advisories/27706 http://security.gentoo.org/glsa/glsa-200711-23.xml http://www.iss.net/threats/275.html http://www.securityfocus.com/bid/25729 http://www.securitytracker.com/id?1018717 http://www.ubuntu.com/usn/usn-543-1 http://www.vmware.com/support/ace/doc/releasenotes_ace.html http://www.vmware • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2007-4593

https://notcve.org/view.php?id=CVE-2007-4593

Unspecified vulnerability in vstor2-ws60.sys in VMWare Workstation 6.0 allows local users to cause a denial of service (host operating system crash) via unspecified vectors, as demonstrated by the DC2 test suite, possibly a related issue to CVE-2007-4591. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad no especificada en vstor2-ws60.sys de VMWare Workstation 6.0 permite a atacantes remotos provocar una denegación de servicio (caída del sistema operativo del host) mediante vectores no especificados, como ha sido demostrado por el paquete de pruebas DC2, posiblemente relacionado con CVE-2007-4591. NOTA: la procedencia de esta información es desconocida; los detalles se han obtenido de información de terceros. • http://osvdb.org/40087 http://secunia.com/advisories/26606 •

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1

CVE-2007-4591

https://notcve.org/view.php?id=CVE-2007-4591

vstor-ws60.sys in VMWare Workstation 6.0 allows local users to cause a denial of service (host operating system crash) and possibly gain privileges by sending a small file buffer size value to the FsSetVolumeInformation IOCTL handler with an FsSetFileInformation subcode. vstor-ws60.sys en VMWare Workstation 6.0 permite a atacantes locales provocar una denegación de servicio (caída del sistema operativo del host) y posiblemente obtener privilegios mediante el envío de una valor pequeño de búfer de fichero al manejador IOCTL FsSetVolumeInformation con un subcódigo FsSetFileInformation. • http://marc.info/?l=bugtraq&m=118805138626360&w=2 http://secunia.com/advisories/26606 http://tarrysingh.blogspot.com/2007/08/security-vmware-workstation-6.html http://www.securityfocus.com/bid/25441 http://www.securitytracker.com/id?1018609 http://www.vupen.com/english/advisories/2007/2992 https://exchange.xforce.ibmcloud.com/vulnerabilities/36277 •

CVSS: 5.8EPSS: 7%CPEs: 1EXPL: 1

CVE-2007-4059 – VMware 'IntraProcessLogging.dll' 5.5.3.42958 - Arbitrary Data Write

https://notcve.org/view.php?id=CVE-2007-4059

Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging.dll 5.5.3.42958 in EMC VMware allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SetLogFileName method. Vulnerabilidad de salto de directorio absoluto en cierto control ActiveX en IntraProcessLogging.dll 5.5.3.42958 en EMC VMware permite a atacantes remotos crear o sobrescribir archivos de su elección a través de un nombre de ruta completa en el argumento en el método SetLogFileName. • https://www.exploit-db.com/exploits/4240 http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://secunia.com/advisories/26890 http://www.securityfocus.com/bid/25110 http://www.vmware.com/support/ace/doc/releasenotes_ace.html http://www.vmware.com/support/player/doc/releasenotes_player.html http://www.vmware.com/support/player2/doc/releasenotes_player2.html http://www.vmware.com/support/server/doc/releasenotes_server.html http://www.vmware.com/support •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0

CVE-2007-2491

https://notcve.org/view.php?id=CVE-2007-2491

The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.34685 and VMware Server 1.0.1.29996 allows local users to write to arbitrary memory locations via a crafted poke to I/O port 0x1004, triggering a denial of service (virtual machine crash) or other unspecified impact, a related issue to CVE-2007-1337. El subsitema de administración de alimentación PIIX4 en EMC VMware Workstation 5.5.3.34685 y VMware Server 1.0.1.29996 permite a usuarios locales escribir en posiciones de memoria de su elección mediante un escritura en memoria (poke) manipulada en el puerto de entrada/salida 0x1004, disparando una denegación de servicio (caída de máquina virtual) u otro impacto no especificado, tema relacionado en CVE-2007-1337. • http://osvdb.org/40088 http://taviso.decsystem.org/virtsec.pdf http://www.vupen.com/english/advisories/2007/1592 •