CVE-2011-3868
https://notcve.org/view.php?id=CVE-2011-3868
Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image. Desbordamiento de bufer en VMware Workstation 7.x anterior a v7.1.5, VMware Player v3.x anterior a v3.1.5, VMware Fusion v3.1.x anterior v3.1.3, y VMware AMS permite a atacantes remotos ejecutar código arbitrario mediante un systema de ficheros manipulado UDF en una imagen ISO • http://osvdb.org/76060 http://secunia.com/advisories/46241 http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.securityfocus.com/archive/1/520005/100/0/threaded http://www.securityfocus.com/bid/49942 http://www.securitytracker.com/id?1026139 http://www.vmware.com/security/advisories/VMSA-2011-0011.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-1126
https://notcve.org/view.php?id=CVE-2011-1126
VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory. VMware vmrun,como se utiliza en VIX API v1.x antes de v1.10.3 y VMware Workstation v6.5.x antes de v7.1.4 y v7.x compilación 385536 en Linux podría permitir a usuarios locales conseguir privilegios a través de un caballo de Troya en una librería compartida en un directorio especificado. • http://lists.vmware.com/pipermail/security-announce/2011/000131.html http://secunia.com/advisories/43885 http://secunia.com/advisories/43943 http://securityreason.com/securityalert/8173 http://securitytracker.com/id?1025270 http://www.securityfocus.com/archive/1/517240/100/0/threaded http://www.securityfocus.com/bid/47094 http://www.vmware.com/security/advisories/VMSA-2011-0006.html http://www.vupen.com/english/advisories/2011/0816 https://exchange.xforce.ibmcloud.com/vulnerabilities/664 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2010-4296
https://notcve.org/view.php?id=CVE-2010-4296
vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files. vmware-mount en VMware Workstation 7.x anteriores a la 7.1.2 build 301548 en Linux, VMware Player 3.1.x anteriores a la 3.1.2 build 301548 en Linux, VMware Server 2.0.2 en Linux, y VMware Fusion 3.1.x anteriores a la 3.1.2 build 332101 no carga apropiadamente las librerías, lo que permite a los usuarios del SO base escalar privilegios a través de vectores que involucran ficheros objeto compartidos. • http://lists.vmware.com/pipermail/security-announce/2010/000112.html http://osvdb.org/69584 http://secunia.com/advisories/42453 http://secunia.com/advisories/42482 http://www.securityfocus.com/archive/1/514995/100/0/threaded http://www.securityfocus.com/bid/45168 http://www.securitytracker.com/id?1024819 http://www.securitytracker.com/id?1024820 http://www.vmware.com/security/advisories/VMSA-2010-0018.html http://www.vupen.com/english/advisories/2010/3116 • CWE-863: Incorrect Authorization •
CVE-2010-4294
https://notcve.org/view.php?id=CVE-2010-4294
The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548, VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548 on Windows, VMware Player 2.5.x before 2.5.5 build 246459 and 3.x before 3.1.2 build 301548 on Windows, and VMware Server 2.x on Windows does not properly validate an unspecified size field, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted video file. La funcionalidad de descompresión de tramas ("frames") en el codec VMnc media de VMware Movie Decoder en versiones anteriores a la 6.5.5 build 328052 y 7.x anteriores a la 7.1.2 build 301548, VMware Workstation 6.5.x anteriores a la 6.5.5 build 328052 y 7.x anteriores a la 7.1.2 build 301548 en Windows, VMware Player 2.5.x anteriores a la 2.5.5 build 246459 y 3.x anteriores a la 3.1.2 build 301548 en Windows, y VMware Server 2.x en Windows no valida apropiadamente un campo de tamaño sin especificar, lo que permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de la memoria dinámica) a través de un archivo de vídeo modificado. • http://lists.vmware.com/pipermail/security-announce/2010/000112.html http://osvdb.org/69596 http://secunia.com/advisories/42482 http://www.securityfocus.com/archive/1/514995/100/0/threaded http://www.securityfocus.com/bid/45169 http://www.securitytracker.com/id?1024819 http://www.vmware.com/security/advisories/VMSA-2010-0018.html http://www.vupen.com/english/advisories/2010/3116 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2010-4297 – VMware Tools - Update OS Command Injection
https://notcve.org/view.php?id=CVE-2010-4297
The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x before 2.0.8 build 328035 and 3.1.x before 3.1.2 build 332101; VMware ESXi 3.5, 4.0, and 4.1; and VMware ESX 3.0.3, 3.5, 4.0, and 4.1 allows host OS users to gain privileges on the guest OS via unspecified vectors, related to a "command injection" issue. La funcionalidad actualizar de VMware Tools en VMware Workstation 6.5.x anteriores a la 6.5.5 build 328052 y 7.x anteriores a la 7.1.2 build 301548; VMware Player 2.5.x anteriores a la 2.5.5 build 328052 y 3.1.x anteriores a la 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x anteriores a la 2.0.8 build 328035 y 3.1.x anteriores a la 3.1.2 build 332101; VMware ESXi 3.5, 4.0, y 4.1; y VMware ESX 3.0.3, 3.5, 4.0, y 4.1 permite a los usuarios del SO base escalar privilegios en el SO invitado a través de vectores sin especificar. Relacionado con inyecciones de comandos. • https://www.exploit-db.com/exploits/15717 http://lists.vmware.com/pipermail/security-announce/2010/000112.html http://osvdb.org/69590 http://secunia.com/advisories/42480 http://secunia.com/advisories/42482 http://www.securityfocus.com/archive/1/514995/100/0/threaded http://www.securityfocus.com/bid/45166 http://www.securitytracker.com/id?1024819 http://www.securitytracker.com/id?1024820 http://www.vmware.com/security/advisories/VMSA-2010-0018.html http://www.vupen.com/ • CWE-20: Improper Input Validation •