Page 5 of 37 results (0.007 seconds)

CVSS: 6.9EPSS: 0%CPEs: 37EXPL: 0

CVE-2008-0967

https://notcve.org/view.php?id=CVE-2008-0967

Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file. Vulnerabilidad de ruta de búsqueda no confiable en vmware-authd en VMware Workstation versión 5.x anterior a 5.5.7 build 91707 y versión 6.x anterior a 6.0.4 build 93057, VMware Player versión 1.x anterior a 1.0.7 build 91707 y versión 2.x anterior a 2.0.4 build 93057, y VMware Server anterior a 1.0.6 build 91891 en Linux, y VMware ESXi versión 3.5 y VMware ESX versión 2.5.4 hasta 3.5, permite a los usuarios locales obtener privilegios por medio de una opción de path library en un archivo de configuración. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713 http://secunia.com/advisories/30556 http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3922 http://securitytracker.com/id?1020198 http://www.securityfocus.com/archive/1/493080/100/0/threaded http://www.securityfocus.com/bid/29557 http://www.vmware.com/security/advisories/VMSA-2008-0009.html http://www.vupen.com/english/advisories/2008/1744 https://exchange.xforce.ibmcloud. •

CVSS: 6.9EPSS: 0%CPEs: 11EXPL: 0

CVE-2008-2099

https://notcve.org/view.php?id=CVE-2008-2099

Unspecified vulnerability in VMCI in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, and VMware ACE 2 before 2.0.2 build 93057 on Windows allows guest OS users to execute arbitrary code on the host OS via unspecified vectors. Vulnerabilidad no especificada en VMCI en VMware Workstation versiones 6 anteriores a 6.0.4 build 93057, VMware Player versiones 2 anteriores a 2.0.4 build 93057 y VMware ACE versiones 2 anteriores a 2.0.2 build 93057 en Windows, permite a los usuarios del SO invitado ejecutar código arbitrario en el SO host por medio de vectores no especificados • http://secunia.com/advisories/30476 http://www.securityfocus.com/archive/1/492831/100/0/threaded http://www.securityfocus.com/bid/29443 http://www.securitytracker.com/id?1020149 http://www.vmware.com/security/advisories/VMSA-2008-0008.html http://www.vupen.com/english/advisories/2008/1707 https://exchange.xforce.ibmcloud.com/vulnerabilities/42757 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 0%CPEs: 28EXPL: 0

CVE-2008-1361

https://notcve.org/view.php?id=CVE-2008-1361

VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362. VMware Workstation versiones 6.0.x anteriores a 6.0.3 y 5.5.x anteriores a 5.5.6, VMware Player versiones 2.0.x anteriores a 2.0.3 y 1.0.x anteriores a 1.0.6, VMware ACE versiones 2.0.x anteriores a 2.0.1 y 1.0.x anteriores a 1.0.5, y VMware Server versiones 1.0.x anteriores a 1.0.5 para Windows permite a usuarios locales conseguir privilegios mediante una manipulación no específica que causa que el proceso authd conecte con un nombre de tubería de su elección, siendo una vulnerabilidad diferente que CVE-2008-1362. • http://lists.vmware.com/pipermail/security-announce/2008/000008.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3755 http://securitytracker.com/id?1019621 http://www.securityfocus.com/archive/1/489739/100/0/threaded http://www.securityfocus.com/bid/28276 http://www.vmware.com/security/advisories/VMSA-2008-0005.html http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html http://www.vmware.com/support/player/doc/releasenotes_player • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.2EPSS: 0%CPEs: 21EXPL: 0

CVE-2008-1362

https://notcve.org/view.php?id=CVE-2008-1362

VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an "insecurely created named pipe," a different vulnerability than CVE-2008-1361. VMware Workstation versiones 6.0.x anteriores a 6.0.3 y versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 2.0.x anteriores a 2.0.3 y versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 2.0.x anteriores a 2.0.1 y versiones 1.0.x anteriores a 1.0.5, y VMware Server versiones 1.0.x anteriores a 1.0.5 para Windows permite a usuarios locales conseguir privilegios o provocar una denegación de servicio utilizando la suplantación del proceso authd a través de un uso no especificado de una "tubería de nombres creada de forma no segura", siendo una vulnerabilidad diferente que CVE-2008-1361. • http://lists.vmware.com/pipermail/security-announce/2008/000008.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3755 http://securitytracker.com/id?1019621 http://www.securityfocus.com/archive/1/489739/100/0/threaded http://www.securityfocus.com/bid/28276 http://www.vmware.com/security/advisories/VMSA-2008-0005.html http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html http://www.vmware.com/support/player/doc/releasenotes_player • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.1EPSS: 3%CPEs: 21EXPL: 0

CVE-2008-1340

https://notcve.org/view.php?id=CVE-2008-1340

Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption." Virtual Machine Communication Interface (VMCI) en VMware Workstation versiones 6.0.x anteriores a 6.0.3, VMware Player versiones 2.0.x anterirores a 2.0.3, y VMware ACE versiones 2.0.x anteriores a 2.0.1 permite a atacantes remotos provocar una denegación de servicio (caída del sistema operativo del servidor) mediante llamadas VMCI especialmente construidas que provocan el agotamiento y la corrupción de la memoria. • http://lists.vmware.com/pipermail/security-announce/2008/000008.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3755 http://securitytracker.com/id?1019624 http://www.securityfocus.com/archive/1/489739/100/0/threaded http://www.securityfocus.com/bid/28276 http://www.securityfocus.com/bid/28289 http://www.vmware.com/security/advisories/VMSA-2008-0005.html http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html http://www.vmwar • CWE-399: Resource Management Errors •