CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2008-3692
https://notcve.org/view.php?id=CVE-2008-3692
03 Sep 2008 — Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3693, CVE-2008-3694, CVE-2008-3... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2008-3693
https://notcve.org/view.php?id=CVE-2008-3693
03 Sep 2008 — Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3694, CVE-2008-3... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2008-3694
https://notcve.org/view.php?id=CVE-2008-3694
03 Sep 2008 — Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2008-3695
https://notcve.org/view.php?id=CVE-2008-3695
03 Sep 2008 — Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2008-3696
https://notcve.org/view.php?id=CVE-2008-3696
03 Sep 2008 — Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html •
CVSS: 7.5EPSS: 3%CPEs: 10EXPL: 0CVE-2008-3697
https://notcve.org/view.php?id=CVE-2008-3697
03 Sep 2008 — An unspecified ISAPI extension in VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (IIS crash) via a malformed request. Una extensión ISAPI sin especificar en VMware Server versiones anteriores a 1.0.7 build 108231 permite a atacantes remotos provocar una denegación de servicio (caída IIS) a través de peticiones mal formadas. • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2008-3698
https://notcve.org/view.php?id=CVE-2008-3698
03 Sep 2008 — Unspecified vulnerability in the OpenProcess function in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 on Windows allows local host OS users to gain privileges on the host OS via unknown vectors. Vulnerabilidad no especificada en la fun... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 70%CPEs: 7EXPL: 1CVE-2008-3892 – VMware - COM API ActiveX Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-3892
03 Sep 2008 — Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the Guest... • https://www.exploit-db.com/exploits/6345 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 26EXPL: 0CVE-2008-3281 – libxml2 denial of service
https://notcve.org/view.php?id=CVE-2008-3281
27 Aug 2008 — libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document. libxml2 2.6.32 y anteriores, no detecta correctamente la recursividad durante la expansión de una entidad en un valor de un atributo; esto permite a atacantes dependientes del contexto provocar una denegación de servicio (consumo de la memoria y la CPU) mediante un documento ... • http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2008-2100
https://notcve.org/view.php?id=CVE-2008-2100
05 Jun 2008 — Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors. Múltiples desbordamientos de buffer en VIX API 1.1.x anteriores a 1.1.4 build 93057 en VMware Workstation 5.x y 6.x, VMware Player 1.x y 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion ... • http://secunia.com/advisories/30556 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •