CVE-2008-4915
https://notcve.org/view.php?id=CVE-2008-4915
The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS. Una vulnerabilidad sin especificar en la emulación de hardware de CPU en sistemas operativos internos de 32-bit y 64-bit, en VMware Workstation v6.0.5 y anteriores; Player v2.0.x a la v2.0.5 y v1.0.x a la v1.0.8; ACE v2.0.x a la v2.0.5 y anteriores, y v1.0.x a la v1.0.7; Server v1.0.x a la v1.0.7; ESX v2.5.4 a la v3.5; y ESXi v3.5; no maneja de forma adecuada el flag Trap, que permite a usuarios del sistema operativo (SO) huésped obtener privilegios en el SO huésped. • http://lists.vmware.com/pipermail/security-announce/2008/000042.html http://secunia.com/advisories/32612 http://secunia.com/advisories/32624 http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.securityfocus.com/archive/1/498138/100/0/threaded http://www.securityfocus.com/bid/32168 http://www.securitytracker.com/id?1021154 http://www.vmware.com/security/advisories/VMSA-2008-0018.html http://www.vupen.com/english/advisories/2008/3052 https://exchange.xforce.ibmcloud.com • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-4279
https://notcve.org/view.php?id=CVE-2008-4279
The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address. La emulación de hardware de CPU para sistemas operativos invitados de 64 bits en VMware Workstation versión 6.0.x anterior a 6.0.5 build 109488 y versión 5.x anterior a 5.5.8 build 108000; Player versión 2.0.x anterior a 2.0.5 build 109488 y versión 1.x anterior a 1.0.8; Server versión 1.x anterior a 1.0.7 build 108231; y ESX versión 2.5.4 anterior a 3.5, permite a los usuarios del sistema operativo invitado autenticado conseguir privilegios adicionales del sistema operativo invitado mediante la activación de una excepción que hace que la CPU virtual realice un salto indirecto a una dirección no canónica. • http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/064860.html http://marc.info/?l=bugtraq&m=122331139823057&w=2 http://secunia.com/advisories/32157 http://secunia.com/advisories/32179 http://secunia.com/advisories/32180 http://www.securityfocus.com/archive/1/497041/100/0/threaded http://www.securityfocus.com/bid/31569 http://www.securitytracker.com/id?1020991 http://www.vmware.com/security/advisories/VMSA-2008-0016.html http://www.vupen.com/english/advisories • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-3892 – VMware - COM API ActiveX Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-3892
Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the GuestInfo method in which there is a long string argument, and an assignment of a long string value to the result of this call. NOTE: this may overlap CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, or CVE-2008-3696. Desbordamiento de búfer en un cierto control ActiveX en el COM API de VMware Workstation 5.5.x versiones anteriores a 5.5.8 build 108000, VMware Workstation 6.0.x versiones anteriores a 6.0.5 build 109488, VMware Player 1.x versiones anteriores a 1.0.8 build 108000, VMware Player 2.x versiones anteriores a 2.0.5 build 109488, VMware ACE 1.x versiones anteriores a 1.0.7 build 108880, VMware ACE 2.x versiones anteriores a 2.0.5 build 109488, and VMware Server versiones anteriores a 1.0.7 build 108231 permite a atacantes remotos provocar una denegación de servicio (caída del navegador) o posiblemente ejecutar código de su elección a través de una llamada al método GuestInfo en el cual hay un argumento de cadena largo, y un asignamiento de un valor de cadena largo al resultado de esa llamada. NOTA: esto puede superponerse a CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, o CVE-2008-3696. • https://www.exploit-db.com/exploits/6345 http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html http://secunia.com/advisories/31707 http://secunia.com/advisories/31708 http://secunia.com/advisories/31709 http://secunia.com/advisories/31710 http://securityreason.com/securityalert/4202 http://www.securityfocus.com/archive/1/495869/100/0/threaded http://www.securityfocus.com/bid/29503 http://www.securityfocus.com/bid/30934 http://www.vmware.com/support/ace& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-3697
https://notcve.org/view.php?id=CVE-2008-3697
An unspecified ISAPI extension in VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (IIS crash) via a malformed request. Una extensión ISAPI sin especificar en VMware Server versiones anteriores a 1.0.7 build 108231 permite a atacantes remotos provocar una denegación de servicio (caída IIS) a través de peticiones mal formadas. • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html http://secunia.com/advisories/31708 http://securityreason.com/securityalert/4202 http://www.securityfocus.com/archive/1/495869/100/0/threaded http://www.securityfocus.com/bid/30935 http://www.securitytracker.com/id?1020789 http://www.vmware.com/security/advisories/VMSA-2008-0014.html http://www.vmware.com/support/server/doc/releasenotes_server.html http://www.vupen.com/english/advisories/2008/2466 https:/ • CWE-20: Improper Input Validation •
CVE-2008-3692
https://notcve.org/view.php?id=CVE-2008-3692
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696. Vulnerabilidad no especificada en un cierto control ActiveX en VMware Workstation 5.5.x versiones anteriores a 5.5.8 build 108000, VMware Workstation 6.0.x versiones anteriores a 6.0.5 build 109488, VMware Player 1.x versiones anteriores a 1.0.8 build 108000, VMware Player 2.x versiones anteriores a 2.0.5 build 109488, VMware ACE 1.x versiones anteriores a 1.0.7 build 108880, VMware ACE 2.x versiones anteriores a 2.0.5 build 109488, y VMware Server versiones anteriores a 1.0.7 build 108231 tiene un impacto y vectores de ataque desconocidos, una vulnerabilidad diferente a CVE-2008-3691, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, y CVE-2008-3696. • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html http://secunia.com/advisories/31707 http://secunia.com/advisories/31708 http://secunia.com/advisories/31709 http://secunia.com/advisories/31710 http://securityreason.com/securityalert/4202 http://www.securityfocus.com/archive/1/495869/100/0/threaded http://www.securityfocus.com/bid/30934 http://www.securitytracker.com/id?1020791 http://www.vmware.com/security/advisories/VMSA-2008-0014.html http://www.v •