CVE-2010-1141
https://notcve.org/view.php?id=CVE-2010-1141
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share. VMware Tools en VMware Workstation v6.5.x before v6.5.4 build v246459; VMware Player v2.5.x anterior a v2.5.4 build 246459; VMware ACE v2.5.x anterior a v2.5.4 build 246459; VMware Server v2.x anterior a v2.0.2 build 203138; VMware Fusion v2.x anterior a v2.0.6 build 246742; VMware ESXi v3.5 y v4.0; y VMware ESX 2.5.5, 3.0.3, 3.5, y 4.0 no accede adecuadamente a las bibliotecas de acceso, lo cual permite a atacantes remotos ayudados por usuarios ejecutar código a su elección al engañar a un usuario en un cliente Windows OS a hacer clic en un archivo que se almacena en un recurso compartido de red. • http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html http://lists.vmware.com/pipermail/security-announce/2010/000090.html http://secunia.com/advisories/39198 http://secunia.com/advisories/39206 http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.securitytracker.com/id?1023832 http://www.securitytracker.com/id?1023833 http://www.vmware.com/security/advisories/VMSA-2010-0007.html https://oval • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2010-1138
https://notcve.org/view.php?id=CVE-2010-1138
The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process. La pila de la red virtual en VMware Workstation v7.0 anteriores a v7.0.1 build 227600, VMware Workstation v6.5.x anteriores a v6.5.4 build 246459 en Windows, VMware Player v3.0 anteriores a v3.0.1 build 227600, VMware Player v2.5.x anteriores a v2.5.4 build 246459 en Windows, VMware ACE v2.6 anteriores a v2.6.1 build 227600 y v2.5.x anteriores a v2.5.4 build 246459, VMware Server v2.x, y VMware Fusion v3.0 anteriores a v3.0.1 build 232708 y v2.x anteriores a v2.0.7 build 246742 permite a atacantes remotos obtener información sensible de la memoria en el sistema operativo anfitrión mediante el examen de los paquetes de red recibidos, relacionado con la interacción entre el sistema operativo invitado y el proceso vmware-vx anfitrión. • http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html http://lists.vmware.com/pipermail/security-announce/2010/000090.html http://osvdb.org/63607 http://secunia.com/advisories/39203 http://secunia.com/advisories/39206 http://secunia.com/advisories/39215 http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.securityfocus.com/bid/39395 http://www.securitytracker.com/id?1023836 http://www • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2010-1142
https://notcve.org/view.php?id=CVE-2010-1142
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk. VMware Tools en VMware Workstation v6.5.x anterior v6.5.4 build 246459; VMware Player v2.5.x anterior v2.5.4 build 246459; VMware ACE v2.5.x anterior v2.5.4 build 246459; VMware Server v2.x anterior v2.0.2 build 203138; VMware Fusion v2.x anterior v2.0.6 build 246742; VMware ESXi v3.5 y v4.0; y VMware ESX v2.5.5, v3.0.3, v3.5, y v4.0 no cargan adecuadamente los programas VMware, lo que puede permitir a usuarios de petición de sistemas operativos Windows obtener privilegios estableciendo un troyano en una dirección no especificada en el disco de petición OS. • http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html http://lists.vmware.com/pipermail/security-announce/2010/000090.html http://secunia.com/advisories/39198 http://secunia.com/advisories/39206 http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt http://www.securityfocus.com/bid/39394 http://www.securitytracker.com/id?1023832 http://www& • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2009-1565
https://notcve.org/view.php?id=CVE-2009-1565
vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to "integer truncation errors." vmnc.dll en el codec multimedia VMnc anteriores a v6.5.4 Build 246459 en Windows, y el decodificados de video en VMware Workstation v6.5.x anteriores a v6.5.4 build 246459, VMware Player v2.5.x anteriores a v2.5.4 build 246459, y VMware Server v2.x en Windows, permite a atacantes remotos ejecutar código de forma arbitraria a traves de un fichero avi con trozos de vídeo codificado HexTile manipulado lo que inicia un desbordamiento de búfer de memoria dinámica, relacionado con los errores de truncado de entero. • http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html http://lists.vmware.com/pipermail/security-announce/2010/000090.html http://secunia.com/advisories/36712 http://secunia.com/advisories/39206 http://secunia.com/advisories/39215 http://secunia.com/secunia_research/2009-37 http://www.osvdb.org/63615 http://www.securityfocus.com/bid/39364 http://www.securitytracker.com/id?1023838 http://www.vmwar • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-1139
https://notcve.org/view.php?id=CVE-2010-1139
Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata. Vulnerabilidad de formato de cadena en vmrun en VMware VIX API v1.6.x, VMware Workstation v6.5.x antes de v6.5.4 build 246459, VMware Player v2.5.x antes de v2.5.4 build 246.459, y VMware Server v2.x en Linux y VMware Fusion v2.x antes de v2.0.7 build 246.742, permite a usuarios locales conseguir privilegios a través de especificadores de formato de cadenas en los metadatos de proceso. • http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html http://lists.vmware.com/pipermail/security-announce/2010/000090.html http://osvdb.org/63606 http://secunia.com/advisories/39201 http://secunia.com/advisories/39206 http://secunia.com/advisories/39215 http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.securityfocus.com/bid/39407 http://www.securitytracker.com/id?1023835 http://www • CWE-134: Use of Externally-Controlled Format String •