CVSS: 6.9EPSS: 0%CPEs: 9EXPL: 0CVE-2008-4915
https://notcve.org/view.php?id=CVE-2008-4915
The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS. Una vulnerabilidad sin especificar en la emulación de hardware de CPU en sistemas operativos internos de 32-bit y 64-bit, en VMware Workstation v6.0.5 y anteriores; Player v2.0.x a la v2.0.5 y v1.0.x a la v1.0.8; ACE v2.0.x a la v2.0.5 y anteriores, y v1.0.x a la v1.0.7; Server v1.0.x a la v1.0.7; ESX v2.5.4 a la v3.5; y ESXi v3.5; no maneja de forma adecuada el flag Trap, que permite a usuarios del sistema operativo (SO) huésped obtener privilegios en el SO huésped. • http://lists.vmware.com/pipermail/security-announce/2008/000042.html http://secunia.com/advisories/32612 http://secunia.com/advisories/32624 http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.securityfocus.com/archive/1/498138/100/0/threaded http://www.securityfocus.com/bid/32168 http://www.securitytracker.com/id?1021154 http://www.vmware.com/security/advisories/VMSA-2008-0018.html http://www.vupen.com/english/advisories/2008/3052 https://exchange.xforce.ibmcloud.com • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2008-4279
https://notcve.org/view.php?id=CVE-2008-4279
The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address. La emulación de hardware de CPU para sistemas operativos invitados de 64 bits en VMware Workstation versión 6.0.x anterior a 6.0.5 build 109488 y versión 5.x anterior a 5.5.8 build 108000; Player versión 2.0.x anterior a 2.0.5 build 109488 y versión 1.x anterior a 1.0.8; Server versión 1.x anterior a 1.0.7 build 108231; y ESX versión 2.5.4 anterior a 3.5, permite a los usuarios del sistema operativo invitado autenticado conseguir privilegios adicionales del sistema operativo invitado mediante la activación de una excepción que hace que la CPU virtual realice un salto indirecto a una dirección no canónica. • http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/064860.html http://marc.info/?l=bugtraq&m=122331139823057&w=2 http://secunia.com/advisories/32157 http://secunia.com/advisories/32179 http://secunia.com/advisories/32180 http://www.securityfocus.com/archive/1/497041/100/0/threaded http://www.securityfocus.com/bid/31569 http://www.securitytracker.com/id?1020991 http://www.vmware.com/security/advisories/VMSA-2008-0016.html http://www.vupen.com/english/advisories&# • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 69%CPEs: 22EXPL: 0CVE-2008-3012
https://notcve.org/view.php?id=CVE-2008-3012
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 does not properly perform memory allocation, which allows remote attackers to execute arbitrary code via a malformed EMF image file, aka "GDI+ EMF Memory Corruption Vulnerability." gdiplus.dll en GDI+ de Microsoft Internet Explorer 6 SP1, Windows XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, Server 2008, Office XP SP3, Office 2003 SP2 y SP3, 2007 Microsoft Office System Gold y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008 y Forefront Client Security 1.0 no realiza correctamente la asignación de memoria, lo que permite a atacantes remotos ejecutar código de su elección mediante un archivo de imagen EMF mal formado, también conocido como "GDI+ EMF Memory Corruption Vulnerability (Vulnerabilidad de Corrupción de Memoria GDI+EMF)". • http://marc.info/?l=bugtraq&m=122235754013992&w=2 http://secunia.com/advisories/32154 http://www.securityfocus.com/bid/31019 http://www.securitytracker.com/id?1020835 http://www.us-cert.gov/cas/techalerts/TA08-253A.html http://www.vupen.com/english/advisories/2008/2520 http://www.vupen.com/english/advisories/2008/2696 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval% • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 62%CPEs: 22EXPL: 0CVE-2008-3014
https://notcve.org/view.php?id=CVE-2008-3014
Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed WMF image file that triggers improper memory allocation, aka "GDI+ WMF Buffer Overrun Vulnerability." Desbordamiento de búfer en gdiplus.dll en GDI+ en Microsoft Internet Explorer 6 SP1, Windows XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, Server 2008, Office XP SP3, Office 2003 SP2 y SP3, 2007 Microsoft Office System Gold y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008, y Forefront Client Security 1.0, permite a atacantes remotos ejecutar código de su elección a través de un archivo de imagen WMF que lanza una asignación de memoria inadecuada, también conocida como "Vulnerabilidad GDI+ WMF Buffer Overrun". • http://marc.info/?l=bugtraq&m=122235754013992&w=2 http://secunia.com/advisories/32154 http://www.securityfocus.com/bid/31021 http://www.securitytracker.com/id?1020837 http://www.us-cert.gov/cas/techalerts/TA08-253A.html http://www.vupen.com/english/advisories/2008/2520 http://www.vupen.com/english/advisories/2008/2696 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval% • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 68%CPEs: 22EXPL: 1CVE-2007-5348 – Microsoft Internet Explorer - GDI+ (PoC) (MS08-052)
https://notcve.org/view.php?id=CVE-2007-5348
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image file with crafted gradient sizes in gradient fill input, which triggers a heap-based buffer overflow related to GdiPlus.dll and VGX.DLL, aka "GDI+ VML Buffer Overrun Vulnerability." Desbordamiento de enteros en GDI+ en Microsoft Internet Explorer versión 6 SP1, Windows XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, Server 2008, Office XP SP3, Office 2003 SP2 y SP3, 2007 Microsoft Office System Gold y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works versión 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008, y Forefront Client Security versión 1.0, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo de imagen con tamaño degradado creados en la entrada de relleno de degradado, que activa un desbordamiento de búfer en la región heap de la memoria relacionado con las bibliotecas GdiPlus.dll y VGX.DLL, también se conoce como "GDI+ VML Buffer Overrun Vulnerability." • https://www.exploit-db.com/exploits/6619 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=743 http://marc.info/?l=bugtraq&m=122235754013992&w=2 http://secunia.com/advisories/32154 http://www.securityfocus.com/bid/31018 http://www.securitytracker.com/id?1020834 http://www.us-cert.gov/cas/techalerts/TA08-253A.html http://www.vupen.com/english/advisories/2008/2520 http://www.vupen.com/english/advisories/2008/2696 https://docs.microsoft.com/en-us/secur • CWE-189: Numeric Errors •