CVSS: 6.8EPSS: 0%CPEs: 93EXPL: 0CVE-2009-1244
https://notcve.org/view.php?id=CVE-2009-1244
Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916. Una vulnerabilidad no especificada en la función de pantalla de máquina virtual de en VMware Workstation v6.5.1 y anteriores; VMware Player v2.5.1 y anteriores; VMware ACE v2.5.1 y anteriores; VMware Server v1.x antes de la v1.0.9 build 156507 y v2.x antes de v2.0.1 build 156745; VMware Fusion antes de la v2.0.4 build 159196; VMware ESXi 3.5 y VMware ESX v3.0.2, v3.0.3 y v3.5 permite ejecutar, a los usuarios invitados, código arbitrario en el sistema operativo anfitrión a través de vectores desconocidos, una vulnerabilidad diferente a la CVE-2008-4916. • http://lists.vmware.com/pipermail/security-announce/2009/000055.html http://osvdb.org/53634 http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.securityfocus.com/archive/1/502615/100/0/threaded http://www.securityfocus.com/bid/34471 http://www.securitytracker.com/id?1022031 http://www.vmware.com/security/advisories/VMSA-2009-0006.html http://www.vupen.com/english/advisories/2009/0944 https://exchange.xforce.ibmcloud.com/vulnerabilities/49834 https://oval.cisecurity.org •
CVSS: 4.6EPSS: 0%CPEs: 71EXPL: 0CVE-2008-4916
https://notcve.org/view.php?id=CVE-2008-4916
Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors. Vulnerabilidad no especificada en un controlado de dispositivo virtual invitado en VMware Workstation versiones anteriores a v5.5.9 build 126128, y v6.5.1 y versiones anteriores 6.x ; VMware Player versiones anteriores a v1.0.9 build 126128, y v2.5.1 y versiones anteriores 2.x; VMware ACE versiones anteriores a v1.0.8 build 125922, y v2.5.1 y versiones anteriores 2.x; VMware Server 1.x versiones anteriores a v1.0.8 build 126538 y 2.0.x versiones anteriores a v2.0.1 build 156745; VMware Fusion versiones anteriore a v2.0.1; VMware ESXi v3.5; y VMware ESX 3.0.2, v3.0.3, y v3.5 permite a usuarios del sistema operativo visitantes provocar una denegación de servicio (caída del sistema operativo host) a través de vectores desconocidos. • http://lists.vmware.com/pipermail/security-announce/2009/000054.html http://seclists.org/fulldisclosure/2009/Apr/0036.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.securityfocus.com/bid/34373 http://www.securitytracker.com/id?1021973 http://www.vmware.com/security/advisories/VMSA-2009-0005.html http://www.vupen.com/english/advisories/2009/0944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439 •
CVSS: 2.1EPSS: 0%CPEs: 8EXPL: 0CVE-2009-0518
https://notcve.org/view.php?id=CVE-2009-0518
VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 before Update 4, and VMware ESX 3.5 before Update 4 retains the VirtualCenter Server password in process memory, which might allow local users to obtain this password. VI Client de VMware VirtualCenter en versiones anteriores a la v2.5 Update 4, VMware ESXi 3.5 en sus versiones anteriores a Update 4, and VMware ESX 3.5 en sus versiones anteriores a Update 4 retienen la contraseña de VirtualCenter Server en la memoria de proceso, lo que puede permitir a los usuarios locales obtener esta contraseña. • http://lists.vmware.com/pipermail/security-announce/2009/000054.html http://seclists.org/fulldisclosure/2009/Apr/0036.html http://secunia.com/advisories/34585 http://www.securityfocus.com/bid/34373 http://www.vmware.com/security/advisories/VMSA-2009-0005.html http://www.vupen.com/english/advisories/2009/0944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6376 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2008-4914
https://notcve.org/view.php?id=CVE-2008-4914
Unspecified vulnerability in VMware ESXi 3.5 before ESXe350-200901401-I-SG and ESX 3.5 before ESX350-200901401-SG allows local administrators to cause a denial of service (host crash) via a snapshot with a malformed VMDK delta disk. Vulnerabilidad no especificada en VMware ESXi 3.5 anteriores a ESXe350-200901401-I-SG y ESX 3.5 anteriores a ESX350-200901401-SG que permite a los administradores locales causar una denegación de servicios (caída del host) a través de una captura con un malformado disco delta VMDK. • http://secunia.com/advisories/33776 http://www.securityfocus.com/bid/33549 http://www.securitytracker.com/id?1021654 http://www.vmware.com/security/advisories/VMSA-2009-0001.html http://www.vupen.com/english/advisories/2009/0301 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5909 •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2008-4917
https://notcve.org/view.php?id=CVE-2008-4917
Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption. Vulnerabilidad sin especificar en VMware Workstation v5.5.8 y anteriores, y v6.0.5 y anteriores, versiones v6.x; VMware Player v1.0.8 y anteriores, y v2.0.5 y versiones anteriores a v2.x; VMware Server v1.0.9 y anteriores; VMware ESXi v3.5; y VMware ESX v3.0.2 a la v3.5, permite a los usuarios del sistema operativo huésped tener un impacto desconocido mediante el envío de una petición de hardware que lanza una operación de escritura física de la memoria, permitiendo una corrupción de memoria. • http://kb.vmware.com/kb/1006980 http://kb.vmware.com/kb/1006986 http://secunia.com/advisories/32965 http://security.gentoo.org/glsa/glsa-201209-25.xml http://securitytracker.com/id?1021300 http://securitytracker.com/id?1021301 http://www.securityfocus.com/archive/1/498863/100/0/threaded http://www.securityfocus.com/archive/1/498886/100/0/threaded http://www.securityfocus.com/bid/32597 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6 • CWE-399: Resource Management Errors •