Page 5 of 37 results (0.053 seconds)

CVSS: 7.2EPSS: 0%CPEs: 17EXPL: 0

CVE-2008-2100

https://notcve.org/view.php?id=CVE-2008-2100

Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors. Múltiples desbordamientos de buffer en VIX API 1.1.x anteriores a 1.1.4 build 93057 en VMware Workstation 5.x y 6.x, VMware Player 1.x y 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, y VMware ESX 3.0.1 hasta la 3.5, permite a los usuarios del sistema huésped, ejecutar código arbitrario en el sistema anfitrión a través de vectores no específicos. • http://secunia.com/advisories/30556 http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3922 http://securitytracker.com/id?1020200 http://www.securityfocus.com/archive/1/493080/100/0/threaded http://www.securityfocus.com/bid/29552 http://www.vmware.com/security/advisories/VMSA-2008-0009.html http://www.vupen.com/english/advisories/2008/1744 https://exchange.xforce.ibmcloud.com/vulnerabilities/42872 https://oval.cisecurity.org/repository/search/de • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.9EPSS: 0%CPEs: 37EXPL: 0

CVE-2008-0967

https://notcve.org/view.php?id=CVE-2008-0967

Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file. Vulnerabilidad de ruta de búsqueda no confiable en vmware-authd en VMware Workstation versión 5.x anterior a 5.5.7 build 91707 y versión 6.x anterior a 6.0.4 build 93057, VMware Player versión 1.x anterior a 1.0.7 build 91707 y versión 2.x anterior a 2.0.4 build 93057, y VMware Server anterior a 1.0.6 build 91891 en Linux, y VMware ESXi versión 3.5 y VMware ESX versión 2.5.4 hasta 3.5, permite a los usuarios locales obtener privilegios por medio de una opción de path library en un archivo de configuración. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713 http://secunia.com/advisories/30556 http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3922 http://securitytracker.com/id?1020198 http://www.securityfocus.com/archive/1/493080/100/0/threaded http://www.securityfocus.com/bid/29557 http://www.vmware.com/security/advisories/VMSA-2008-0009.html http://www.vupen.com/english/advisories/2008/1744 https://exchange.xforce.ibmcloud. •

CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0

CVE-2008-1363

https://notcve.org/view.php?id=CVE-2008-1363

VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation of a config.ini file located in an Application Data folder, which can be used for "hijacking the VMX process." VMware Workstation versiones 6.0.x anteriores a 6.0.3 y versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 2.0.x anteriores a 2.0.3 y versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 2.0.x anteriores a 2.0.1 y versiones 1.0.x anteriores a 1.0.5, y VMware Server versiones 1.0.x anteriores a 1.0.5 para Windows permite a usuarios locales obtener privilegios mediante una modificación no especificada del fichero config.ini localizado en la carpeta de Datos de Aplicación, que puede ser usado para "secuestrar el proceso VMX". • http://lists.vmware.com/pipermail/security-announce/2008/000008.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3755 http://securitytracker.com/id?1019622 http://www.securityfocus.com/archive/1/489739/100/0/threaded http://www.securityfocus.com/bid/28276 http://www.vmware.com/security/advisories/VMSA-2008-0005.html http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html http://www.vmware.com/support/player/doc/releasenotes_player • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.1EPSS: 3%CPEs: 21EXPL: 0

CVE-2008-1340

https://notcve.org/view.php?id=CVE-2008-1340

Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption." Virtual Machine Communication Interface (VMCI) en VMware Workstation versiones 6.0.x anteriores a 6.0.3, VMware Player versiones 2.0.x anterirores a 2.0.3, y VMware ACE versiones 2.0.x anteriores a 2.0.1 permite a atacantes remotos provocar una denegación de servicio (caída del sistema operativo del servidor) mediante llamadas VMCI especialmente construidas que provocan el agotamiento y la corrupción de la memoria. • http://lists.vmware.com/pipermail/security-announce/2008/000008.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3755 http://securitytracker.com/id?1019624 http://www.securityfocus.com/archive/1/489739/100/0/threaded http://www.securityfocus.com/bid/28276 http://www.securityfocus.com/bid/28289 http://www.vmware.com/security/advisories/VMSA-2008-0005.html http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html http://www.vmwar • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0

CVE-2008-1364

https://notcve.org/view.php?id=CVE-2008-1364

Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service. Vulnerabilidad no especificada en el servicio DHCP en VMware Workstation versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 1.0.x anteriores a 1.0.5, VMware Server versiones 1.0.x anteriores a 1.0.5, y VMware Fusion versiones 1.1.x anteriores a 1.1.1 permite a atacantes provocar una denegación de servicio. • http://lists.vmware.com/pipermail/security-announce/2008/000008.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3755 http://securitytracker.com/id?1019623 http://www.securityfocus.com/archive/1/489739/100/0/threaded http://www.securityfocus.com/bid/28276 http://www.securityfocus.com/bid/28289 http://www.vmware.com/security/advisories/VMSA-2008-0005.html http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html http://www.v • CWE-399: Resource Management Errors •