CVSS: 4.9EPSS: 0%CPEs: 77EXPL: 0CVE-2009-1146
https://notcve.org/view.php?id=CVE-2009-1146
Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows local users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3761. Vulnerabilidad no especificada en un ioctl de hcmon.sys de VMware Workstation v6.5.1 y anteriores, VMware Player v2.5.1 y anteriores, VMware ACE v2.5.1 y anteriores y VMware Server en sus versiones v1.0.x anteriores a v1.0.9 build 156507 y v2.0.x en sus versiones anteriores a v2.0.1 build 156745. Permite a usuarios locales provocar una denegación de servicio (DOS) a través de vectores de ataque desconocidos utilizando una vulnerabilidad distinta a la especificada en CVE-2008-3761. • http://lists.vmware.com/pipermail/security-announce/2009/000054.html http://seclists.org/fulldisclosure/2009/Apr/0036.html http://www.securityfocus.com/bid/34373 http://www.securitytracker.com/id?1021977 http://www.vmware.com/security/advisories/VMSA-2009-0005.html http://www.vupen.com/english/advisories/2009/0944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6310 •
CVSS: 7.2EPSS: 0%CPEs: 83EXPL: 0CVE-2009-1147
https://notcve.org/view.php?id=CVE-2009-1147
Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allows local users to gain privileges via unknown vectors. Vulnerabilidad no especificada en el archivo vmci.sys en la Virtual Machine Communication Interface (VMCI) en VMware Workstation v6.5.1 y anteriores, VMware Player v2.5.1 y anteriores, VMware ACE 2.5.1 y anteriores, y VMware Server v2.0.x anteriores a v2.0.1 build 156745 permite a los usuarios locales obtener privilegios a través de vectores desconocidos. • http://lists.vmware.com/pipermail/security-announce/2009/000054.html http://seclists.org/fulldisclosure/2009/Apr/0036.html http://www.securityfocus.com/bid/34373 http://www.securitytracker.com/id?1021976 http://www.vmware.com/security/advisories/VMSA-2009-0005.html http://www.vupen.com/english/advisories/2009/0944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5471 •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2008-4917
https://notcve.org/view.php?id=CVE-2008-4917
Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption. Vulnerabilidad sin especificar en VMware Workstation v5.5.8 y anteriores, y v6.0.5 y anteriores, versiones v6.x; VMware Player v1.0.8 y anteriores, y v2.0.5 y versiones anteriores a v2.x; VMware Server v1.0.9 y anteriores; VMware ESXi v3.5; y VMware ESX v3.0.2 a la v3.5, permite a los usuarios del sistema operativo huésped tener un impacto desconocido mediante el envío de una petición de hardware que lanza una operación de escritura física de la memoria, permitiendo una corrupción de memoria. • http://kb.vmware.com/kb/1006980 http://kb.vmware.com/kb/1006986 http://secunia.com/advisories/32965 http://security.gentoo.org/glsa/glsa-201209-25.xml http://securitytracker.com/id?1021300 http://securitytracker.com/id?1021301 http://www.securityfocus.com/archive/1/498863/100/0/threaded http://www.securityfocus.com/archive/1/498886/100/0/threaded http://www.securityfocus.com/bid/32597 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6 • CWE-399: Resource Management Errors •
CVSS: 6.9EPSS: 0%CPEs: 9EXPL: 0CVE-2008-4915
https://notcve.org/view.php?id=CVE-2008-4915
The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS. Una vulnerabilidad sin especificar en la emulación de hardware de CPU en sistemas operativos internos de 32-bit y 64-bit, en VMware Workstation v6.0.5 y anteriores; Player v2.0.x a la v2.0.5 y v1.0.x a la v1.0.8; ACE v2.0.x a la v2.0.5 y anteriores, y v1.0.x a la v1.0.7; Server v1.0.x a la v1.0.7; ESX v2.5.4 a la v3.5; y ESXi v3.5; no maneja de forma adecuada el flag Trap, que permite a usuarios del sistema operativo (SO) huésped obtener privilegios en el SO huésped. • http://lists.vmware.com/pipermail/security-announce/2008/000042.html http://secunia.com/advisories/32612 http://secunia.com/advisories/32624 http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.securityfocus.com/archive/1/498138/100/0/threaded http://www.securityfocus.com/bid/32168 http://www.securitytracker.com/id?1021154 http://www.vmware.com/security/advisories/VMSA-2008-0018.html http://www.vupen.com/english/advisories/2008/3052 https://exchange.xforce.ibmcloud.com • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2008-4279
https://notcve.org/view.php?id=CVE-2008-4279
The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address. La emulación de hardware de CPU para sistemas operativos invitados de 64 bits en VMware Workstation versión 6.0.x anterior a 6.0.5 build 109488 y versión 5.x anterior a 5.5.8 build 108000; Player versión 2.0.x anterior a 2.0.5 build 109488 y versión 1.x anterior a 1.0.8; Server versión 1.x anterior a 1.0.7 build 108231; y ESX versión 2.5.4 anterior a 3.5, permite a los usuarios del sistema operativo invitado autenticado conseguir privilegios adicionales del sistema operativo invitado mediante la activación de una excepción que hace que la CPU virtual realice un salto indirecto a una dirección no canónica. • http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/064860.html http://marc.info/?l=bugtraq&m=122331139823057&w=2 http://secunia.com/advisories/32157 http://secunia.com/advisories/32179 http://secunia.com/advisories/32180 http://www.securityfocus.com/archive/1/497041/100/0/threaded http://www.securityfocus.com/bid/31569 http://www.securitytracker.com/id?1020991 http://www.vmware.com/security/advisories/VMSA-2008-0016.html http://www.vupen.com/english/advisories&# • CWE-264: Permissions, Privileges, and Access Controls •