CVSS: 4.6EPSS: 0%CPEs: 71EXPL: 0CVE-2008-4916
https://notcve.org/view.php?id=CVE-2008-4916
Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors. Vulnerabilidad no especificada en un controlado de dispositivo virtual invitado en VMware Workstation versiones anteriores a v5.5.9 build 126128, y v6.5.1 y versiones anteriores 6.x ; VMware Player versiones anteriores a v1.0.9 build 126128, y v2.5.1 y versiones anteriores 2.x; VMware ACE versiones anteriores a v1.0.8 build 125922, y v2.5.1 y versiones anteriores 2.x; VMware Server 1.x versiones anteriores a v1.0.8 build 126538 y 2.0.x versiones anteriores a v2.0.1 build 156745; VMware Fusion versiones anteriore a v2.0.1; VMware ESXi v3.5; y VMware ESX 3.0.2, v3.0.3, y v3.5 permite a usuarios del sistema operativo visitantes provocar una denegación de servicio (caída del sistema operativo host) a través de vectores desconocidos. • http://lists.vmware.com/pipermail/security-announce/2009/000054.html http://seclists.org/fulldisclosure/2009/Apr/0036.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.securityfocus.com/bid/34373 http://www.securitytracker.com/id?1021973 http://www.vmware.com/security/advisories/VMSA-2009-0005.html http://www.vupen.com/english/advisories/2009/0944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439 •
CVSS: 4.9EPSS: 0%CPEs: 77EXPL: 0CVE-2009-1146
https://notcve.org/view.php?id=CVE-2009-1146
Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows local users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3761. Vulnerabilidad no especificada en un ioctl de hcmon.sys de VMware Workstation v6.5.1 y anteriores, VMware Player v2.5.1 y anteriores, VMware ACE v2.5.1 y anteriores y VMware Server en sus versiones v1.0.x anteriores a v1.0.9 build 156507 y v2.0.x en sus versiones anteriores a v2.0.1 build 156745. Permite a usuarios locales provocar una denegación de servicio (DOS) a través de vectores de ataque desconocidos utilizando una vulnerabilidad distinta a la especificada en CVE-2008-3761. • http://lists.vmware.com/pipermail/security-announce/2009/000054.html http://seclists.org/fulldisclosure/2009/Apr/0036.html http://www.securityfocus.com/bid/34373 http://www.securitytracker.com/id?1021977 http://www.vmware.com/security/advisories/VMSA-2009-0005.html http://www.vupen.com/english/advisories/2009/0944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6310 •
CVSS: 7.2EPSS: 0%CPEs: 83EXPL: 0CVE-2009-1147
https://notcve.org/view.php?id=CVE-2009-1147
Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allows local users to gain privileges via unknown vectors. Vulnerabilidad no especificada en el archivo vmci.sys en la Virtual Machine Communication Interface (VMCI) en VMware Workstation v6.5.1 y anteriores, VMware Player v2.5.1 y anteriores, VMware ACE 2.5.1 y anteriores, y VMware Server v2.0.x anteriores a v2.0.1 build 156745 permite a los usuarios locales obtener privilegios a través de vectores desconocidos. • http://lists.vmware.com/pipermail/security-announce/2009/000054.html http://seclists.org/fulldisclosure/2009/Apr/0036.html http://www.securityfocus.com/bid/34373 http://www.securitytracker.com/id?1021976 http://www.vmware.com/security/advisories/VMSA-2009-0005.html http://www.vupen.com/english/advisories/2009/0944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5471 •
CVSS: 5.0EPSS: 6%CPEs: 41EXPL: 2CVE-2009-0177 – VMware 2.5.1 - 'VMware-authd' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2009-0177
vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command. En la biblioteca vmwarebase.dll, tal y como es usado en el servicio vmware-authd (también se conoce como vmware-authd.exe), en VMware Workstation versión 6.5.1 build 126130, versión 6.5.1 y anteriores; VMware Player versión 2.5.1 build 126130, versión 2.5.1 y anteriores; VMware ACE versión 2.5.1 y anteriores; VMware Server versiones 2.0.x anteriores a 2.0.1 build 156745; y VMware Fusion anterior a versión 2.0.2 build 147997, permite a atacantes remotos causar una denegación de servicio (bloqueo del demonio) por medio de un comando largo (1) USUARIO o (2) PASS. • https://www.exploit-db.com/exploits/7647 http://lists.vmware.com/pipermail/security-announce/2009/000054.html http://osvdb.org/51180 http://seclists.org/fulldisclosure/2009/Apr/0036.html http://secunia.com/advisories/33372 http://secunia.com/advisories/34601 http://www.securityfocus.com/bid/34373 http://www.securitytracker.com/id?1021512 http://www.vmware.com/security/advisories/VMSA-2009-0005.html http://www.vupen.com/english/advisories/2009/0024 http://www.vupen.com/ • CWE-399: Resource Management Errors •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2008-4917
https://notcve.org/view.php?id=CVE-2008-4917
Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption. Vulnerabilidad sin especificar en VMware Workstation v5.5.8 y anteriores, y v6.0.5 y anteriores, versiones v6.x; VMware Player v1.0.8 y anteriores, y v2.0.5 y versiones anteriores a v2.x; VMware Server v1.0.9 y anteriores; VMware ESXi v3.5; y VMware ESX v3.0.2 a la v3.5, permite a los usuarios del sistema operativo huésped tener un impacto desconocido mediante el envío de una petición de hardware que lanza una operación de escritura física de la memoria, permitiendo una corrupción de memoria. • http://kb.vmware.com/kb/1006980 http://kb.vmware.com/kb/1006986 http://secunia.com/advisories/32965 http://security.gentoo.org/glsa/glsa-201209-25.xml http://securitytracker.com/id?1021300 http://securitytracker.com/id?1021301 http://www.securityfocus.com/archive/1/498863/100/0/threaded http://www.securityfocus.com/archive/1/498886/100/0/threaded http://www.securityfocus.com/bid/32597 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6 • CWE-399: Resource Management Errors •