CVSS: 9.9EPSS: 0%CPEs: 9EXPL: 0CVE-2008-4915 – VMware Security Advisory 2008-0018
https://notcve.org/view.php?id=CVE-2008-4915
08 Nov 2008 — The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS. Una vulnerabilidad sin especificar en la emulación de hardware de CPU... • http://lists.vmware.com/pipermail/security-announce/2008/000042.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.9EPSS: 0%CPEs: 6EXPL: 0CVE-2008-4279 – vmware-guestescalate.txt
https://notcve.org/view.php?id=CVE-2008-4279
06 Oct 2008 — The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address. La emulación de hardware de CPU para sistemas oper... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/064860.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 66%CPEs: 7EXPL: 1CVE-2008-3892 – VMware - COM API ActiveX Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-3892
03 Sep 2008 — Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the Guest... • https://www.exploit-db.com/exploits/6345 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2008-3693 – VMware Security Advisory 2008-0014
https://notcve.org/view.php?id=CVE-2008-3693
31 Aug 2008 — Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3694, CVE-2008-3... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html •
CVSS: 7.5EPSS: 3%CPEs: 10EXPL: 0CVE-2008-3697 – VMware Security Advisory 2008-0014
https://notcve.org/view.php?id=CVE-2008-3697
31 Aug 2008 — An unspecified ISAPI extension in VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (IIS crash) via a malformed request. Una extensión ISAPI sin especificar en VMware Server versiones anteriores a 1.0.7 build 108231 permite a atacantes remotos provocar una denegación de servicio (caída IIS) a través de peticiones mal formadas. Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2008-3696 – VMware Security Advisory 2008-0014
https://notcve.org/view.php?id=CVE-2008-3696
31 Aug 2008 — Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2008-3695 – VMware Security Advisory 2008-0014
https://notcve.org/view.php?id=CVE-2008-3695
31 Aug 2008 — Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2008-3692 – VMware Security Advisory 2008-0014
https://notcve.org/view.php?id=CVE-2008-3692
31 Aug 2008 — Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3693, CVE-2008-3694, CVE-2008-3... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2008-3691 – VMware Security Advisory 2008-0014
https://notcve.org/view.php?id=CVE-2008-3691
31 Aug 2008 — Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2008-3694 – VMware Security Advisory 2008-0014
https://notcve.org/view.php?id=CVE-2008-3694
31 Aug 2008 — Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html •