CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2007-5671
https://notcve.org/view.php?id=CVE-2007-5671
05 Jun 2008 — HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\.\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges. HGFS.sys en el VMware Tools package en VMware Workstation 5.x ante... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0CVE-2008-1340
https://notcve.org/view.php?id=CVE-2008-1340
20 Mar 2008 — Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption." Virtual Machine Communication Interface (VMCI) en VMware Workstation versiones 6.0.x anteriores a 6.0.3, VMware Player versiones 2.0.x anterirores a 2.0.3, y VMware ACE versiones 2.0.x anteriores a 2.0.1 permite a ... • http://lists.vmware.com/pipermail/security-announce/2008/000008.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2008-1361
https://notcve.org/view.php?id=CVE-2008-1361
20 Mar 2008 — VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362. VMware Workstation versiones 6.0.x anteriores a 6.0.3 y 5.5.x anteriores a 5.5.6, VMware Player versiones 2... • http://lists.vmware.com/pipermail/security-announce/2008/000008.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2008-1362
https://notcve.org/view.php?id=CVE-2008-1362
20 Mar 2008 — VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an "insecurely created named pipe," a different vulnerability than CVE-2008-1361. VMware Workstation versiones 6.0.x anteriores a 6.0.3 y versiones 5.5.x anteri... • http://lists.vmware.com/pipermail/security-announce/2008/000008.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2008-1363
https://notcve.org/view.php?id=CVE-2008-1363
20 Mar 2008 — VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation of a config.ini file located in an Application Data folder, which can be used for "hijacking the VMX process." VMware Workstation versiones 6.0.x anteriores a 6.0.3 y versiones 5.5.x anteriores a 5.5.6, VMware Player versi... • http://lists.vmware.com/pipermail/security-announce/2008/000008.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 1%CPEs: 21EXPL: 0CVE-2008-1364
https://notcve.org/view.php?id=CVE-2008-1364
20 Mar 2008 — Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service. Vulnerabilidad no especificada en el servicio DHCP en VMware Workstation versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 1.0.x anteriores a 1.0.5, VMware Server versiones 1.0.x anter... • http://lists.vmware.com/pipermail/security-announce/2008/000008.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2008-1392
https://notcve.org/view.php?id=CVE-2008-1392
20 Mar 2008 — The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors. La configuración por defecto de VMware Workstation 6.0.2, VMware Player versiones 2.0.x anteriores a 2.0.3, y VMware ACE versiones 2.0.x anteriores a 2.0.1 permite el acceso a la consola del sistema operativo cliente mediante llamadas anónimas a la interfaz de progr... • http://lists.vmware.com/pipermail/security-announce/2008/000008.html • CWE-16: Configuration •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2007-5617
https://notcve.org/view.php?id=CVE-2007-5617
21 Oct 2007 — Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images. Vulnerabilidad sin especificar en el VMware Player 1.0.x anterior a la 1.0.5 y la 2.0 anterior a la 2.0.1;y el Workstation 5.x anterior a la 5.5.5 y la 6.x anterior a la 6.0.1, evitando su lanzamiento, lo que tiene un impacto desconocido, relacionado con las imágenes de... • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2007-5618
https://notcve.org/view.php?id=CVE-2007-5618
21 Oct 2007 — Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs. Una ruta de búsqueda en Windows sin cerrar las comillas en el servicio Authorization y en otros servicios en el VMware Player 1.0.x anterior al 1.0.5 y el 2.0 anterior al 2.0.1, en el VMware Server anterior al 1.0.4; y en ... • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html •
CVSS: 7.1EPSS: 0%CPEs: 52EXPL: 0CVE-2007-5438
https://notcve.org/view.php?id=CVE-2007-5438
13 Oct 2007 — Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html • CWE-20: Improper Input Validation •