CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2008-1363
https://notcve.org/view.php?id=CVE-2008-1363
20 Mar 2008 — VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation of a config.ini file located in an Application Data folder, which can be used for "hijacking the VMX process." VMware Workstation versiones 6.0.x anteriores a 6.0.3 y versiones 5.5.x anteriores a 5.5.6, VMware Player versi... • http://lists.vmware.com/pipermail/security-announce/2008/000008.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2008-1362
https://notcve.org/view.php?id=CVE-2008-1362
20 Mar 2008 — VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an "insecurely created named pipe," a different vulnerability than CVE-2008-1361. VMware Workstation versiones 6.0.x anteriores a 6.0.3 y versiones 5.5.x anteri... • http://lists.vmware.com/pipermail/security-announce/2008/000008.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2008-1361
https://notcve.org/view.php?id=CVE-2008-1361
20 Mar 2008 — VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362. VMware Workstation versiones 6.0.x anteriores a 6.0.3 y 5.5.x anteriores a 5.5.6, VMware Player versiones 2... • http://lists.vmware.com/pipermail/security-announce/2008/000008.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 4%CPEs: 21EXPL: 0CVE-2008-1340
https://notcve.org/view.php?id=CVE-2008-1340
20 Mar 2008 — Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption." Virtual Machine Communication Interface (VMCI) en VMware Workstation versiones 6.0.x anteriores a 6.0.3, VMware Player versiones 2.0.x anterirores a 2.0.3, y VMware ACE versiones 2.0.x anteriores a 2.0.1 permite a ... • http://lists.vmware.com/pipermail/security-announce/2008/000008.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 21EXPL: 0CVE-2008-1364
https://notcve.org/view.php?id=CVE-2008-1364
20 Mar 2008 — Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service. Vulnerabilidad no especificada en el servicio DHCP en VMware Workstation versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 1.0.x anteriores a 1.0.5, VMware Server versiones 1.0.x anter... • http://lists.vmware.com/pipermail/security-announce/2008/000008.html • CWE-399: Resource Management Errors •
CVSS: 8.1EPSS: 0%CPEs: 15EXPL: 0CVE-2008-0923
https://notcve.org/view.php?id=CVE-2008-0923
26 Feb 2008 — Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a "%c0%2e%c0%2e" string. Vulnerabilidad de salto de directorio en la característica de Archivos Compartidos de VMWare ACE 1.0.2 y ... • http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004034 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2007-5617
https://notcve.org/view.php?id=CVE-2007-5617
21 Oct 2007 — Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images. Vulnerabilidad sin especificar en el VMware Player 1.0.x anterior a la 1.0.5 y la 2.0 anterior a la 2.0.1;y el Workstation 5.x anterior a la 5.5.5 y la 6.x anterior a la 6.0.1, evitando su lanzamiento, lo que tiene un impacto desconocido, relacionado con las imágenes de... • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2007-5618
https://notcve.org/view.php?id=CVE-2007-5618
21 Oct 2007 — Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs. Una ruta de búsqueda en Windows sin cerrar las comillas en el servicio Authorization y en otros servicios en el VMware Player 1.0.x anterior al 1.0.5 y el 2.0 anterior al 2.0.1, en el VMware Server anterior al 1.0.4; y en ... • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html •
CVSS: 10.0EPSS: 27%CPEs: 19EXPL: 0CVE-2007-0062
https://notcve.org/view.php?id=CVE-2007-0062
21 Sep 2007 — Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size ... • http://bugs.gentoo.org/show_bug.cgi?id=227135 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 75%CPEs: 16EXPL: 0CVE-2007-0061
https://notcve.org/view.php?id=CVE-2007-0061
21 Sep 2007 — The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed packet that triggers "corrupt stack memory." El servidor DHCP en EMC VMware Workstation anterior a 5.5.5 construcción 56455 y 6.x anterior a 6.0.1 construcción 55017, Player... • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •