Page 6 of 38 results (0.015 seconds)

CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0

Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service. Vulnerabilidad no especificada en el servicio DHCP en VMware Workstation versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 1.0.x anteriores a 1.0.5, VMware Server versiones 1.0.x anteriores a 1.0.5, y VMware Fusion versiones 1.1.x anteriores a 1.1.1 permite a atacantes provocar una denegación de servicio. • http://lists.vmware.com/pipermail/security-announce/2008/000008.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3755 http://securitytracker.com/id?1019623 http://www.securityfocus.com/archive/1/489739/100/0/threaded http://www.securityfocus.com/bid/28276 http://www.securityfocus.com/bid/28289 http://www.vmware.com/security/advisories/VMSA-2008-0005.html http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html http://www.v • CWE-399: Resource Management Errors •

CVSS: 6.8EPSS: 0%CPEs: 28EXPL: 0

VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362. VMware Workstation versiones 6.0.x anteriores a 6.0.3 y 5.5.x anteriores a 5.5.6, VMware Player versiones 2.0.x anteriores a 2.0.3 y 1.0.x anteriores a 1.0.6, VMware ACE versiones 2.0.x anteriores a 2.0.1 y 1.0.x anteriores a 1.0.5, y VMware Server versiones 1.0.x anteriores a 1.0.5 para Windows permite a usuarios locales conseguir privilegios mediante una manipulación no específica que causa que el proceso authd conecte con un nombre de tubería de su elección, siendo una vulnerabilidad diferente que CVE-2008-1362. • http://lists.vmware.com/pipermail/security-announce/2008/000008.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3755 http://securitytracker.com/id?1019621 http://www.securityfocus.com/archive/1/489739/100/0/threaded http://www.securityfocus.com/bid/28276 http://www.vmware.com/security/advisories/VMSA-2008-0005.html http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html http://www.vmware.com/support/player/doc/releasenotes_player • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.2EPSS: 0%CPEs: 21EXPL: 0

VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an "insecurely created named pipe," a different vulnerability than CVE-2008-1361. VMware Workstation versiones 6.0.x anteriores a 6.0.3 y versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 2.0.x anteriores a 2.0.3 y versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 2.0.x anteriores a 2.0.1 y versiones 1.0.x anteriores a 1.0.5, y VMware Server versiones 1.0.x anteriores a 1.0.5 para Windows permite a usuarios locales conseguir privilegios o provocar una denegación de servicio utilizando la suplantación del proceso authd a través de un uso no especificado de una "tubería de nombres creada de forma no segura", siendo una vulnerabilidad diferente que CVE-2008-1361. • http://lists.vmware.com/pipermail/security-announce/2008/000008.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3755 http://securitytracker.com/id?1019621 http://www.securityfocus.com/archive/1/489739/100/0/threaded http://www.securityfocus.com/bid/28276 http://www.vmware.com/security/advisories/VMSA-2008-0005.html http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html http://www.vmware.com/support/player/doc/releasenotes_player • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.9EPSS: 0%CPEs: 15EXPL: 0

Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a "%c0%2e%c0%2e" string. Vulnerabilidad de salto de directorio en la característica de Archivos Compartidos de VMWare ACE 1.0.2 y 2.0.2, Player 1.0.4 y 2.0.2, y Workstation 5.5.4 y 6.0.2 permite a usuarios de SO invitados leer y escribir archivos de su elección en el SO anfitrión a través de una cadena multibyte que produce una cadena de caracteres ancha que contiene secuencias de .. (punto punto), lo que evita el mecanismo de protección, como se demostró usando una cadena "%c0%2e%c0%2e". • http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004034 http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060457.html http://lists.vmware.com/pipermail/security-announce/2008/000008.html http://secunia.com/advisories/29117 http://securityreason.com/securityalert/3700 http://www.coresecurity.com/?action=item&id=2129 http://www.securityfocus.com/archive/1/488725/100/0/threaded http://www.securityfocus.com/archive/1/489739/100/0/t • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 10.0EPSS: 2%CPEs: 4EXPL: 0

Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images. Vulnerabilidad sin especificar en el VMware Player 1.0.x anterior a la 1.0.5 y la 2.0 anterior a la 2.0.1;y el Workstation 5.x anterior a la 5.5.5 y la 6.x anterior a la 6.0.1, evitando su lanzamiento, lo que tiene un impacto desconocido, relacionado con las imágenes de máquina virtual no confiables. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://secunia.com/advisories/26890 http://secunia.com/advisories/27706 http://security.gentoo.org/glsa/glsa-200711-23.xml http://www.vmware.com/support/player/doc/releasenotes_player.html http://www.vmware.com/support/player2/doc/releasenotes_player2.html http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html http://www.vupen.com/engli •