CVSS: 10.0EPSS: 95%CPEs: 20EXPL: 1CVE-2005-4459
https://notcve.org/view.php?id=CVE-2005-4459
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html http://secunia.com/advisories/18162 http://secunia.com/advisories/18344 http://securityreason.com/securityalert/282 http://securityreason.com/securityalert/289 http://securitytracker.com/id?1015401 http://www.gentoo.org/security/en/glsa/glsa-200601-04.xml http://www.kb.cert.org/vuls/id/856689 http://www.securityfocus.com/archive/1/419997/100/0/threaded http://www.securityfocus.com/archive/1/420017/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2939
https://notcve.org/view.php?id=CVE-2005-2939
Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 build-13124 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder. • http://securitytracker.com/id?1015225 http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities http://www.securityfocus.com/bid/15448 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0444
https://notcve.org/view.php?id=CVE-2005-0444
VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries using a path that includes the rrdharan world-writable temporary directory, which allows local users to execute arbitrary code. • http://security.gentoo.org/glsa/glsa-200502-18.xml •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2004-2515
https://notcve.org/view.php?id=CVE-2004-2515
Format string vulnerability in VMware Workstation 4.5.2 build-8848, if running with elevated privileges, might allow local users to execute arbitrary code via format string specifiers in command line arguments. NOTE: it is not clear if there are any default or typical circumstances under which VMware would be running with privileges beyond those already available to the attackers, so this might not be a vulnerability. • http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1320.html http://www.osvdb.org/12169 http://www.securityfocus.com/bid/11737 https://exchange.xforce.ibmcloud.com/vulnerabilities/18297 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0739
https://notcve.org/view.php?id=CVE-2003-0739
VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack. • http://marc.info/?l=bugtraq&m=106029217115023&w=2 http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1106 •