CVE-2015-6933
https://notcve.org/view.php?id=CVE-2015-6933
The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors. La implementación VMware Tools HGFS (también conocida como Shared Folders) en VMware Workstation 11.x en versiones anteriores a 11.1.2, VMware Player 7.x en versiones anteriores a 7.1.2, VMware Fusion 7.x en versiones anteriores a 7.1.2 y VMware ESXi 5.0 hasta la versión 6.0 permite a usuarios de SO invitado de Windows obtener privilegios de SO invitado o provocar una denegación de servicio (corrupción de memoria del kernel del SO invitado) a través de vectores no especificados. • http://www.securitytracker.com/id/1034603 http://www.securitytracker.com/id/1034604 http://www.vmware.com/security/advisories/VMSA-2016-0001.html • CWE-284: Improper Access Control •
CVE-2014-8370
https://notcve.org/view.php?id=CVE-2014-8370
VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file. VMware Workstation 10.x anterior a 10.0.5, VMware Player 6.x anterior a 6.0.5, VMware Fusion 6.x anterior a 6.0.5, y VMware ESXi 5.0 hasta 5.5 permiten a usuarios del sistema operativo anfitrión ganar privilegios del sistema operativo anfitrión o causar una denegación de servicio (escritura arbitraria a un fichero) mediante la modificación de un fichero de configuración. • http://jvn.jp/en/jp/JVN88252465/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007 http://secunia.com/advisories/62551 http://secunia.com/advisories/62605 http://secunia.com/advisories/62669 http://www.securityfocus.com/bid/72338 http://www.securitytracker.com/id/1031642 http://www.securitytracker.com/id/1031643 http://www.vmware.com/security/advisories/VMSA-2015-0001.html https://exchange.xforce.ibmcloud.com/vulnerabilities/100933 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2014-4241
https://notcve.org/view.php?id=CVE-2014-4241
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect integrity via vectors related to WLS - Web Services. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.0.2.0 y 10.3.6.0 permite a atacantes remotos afectar la integridad a través de vectores relacionados con WLS - Web Services. • http://seclists.org/fulldisclosure/2014/Dec/23 http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html http://www.securityfocus.com/archive/1/534161/100/0/threaded http://www.securityfocus.com/bid/68649 http://www.vmware.com/security/advisories/VMSA-2014-0012.html https://exchange.xforce.ibmcloud.com/vulnerabilities/94559 •
CVE-2014-3793
https://notcve.org/view.php?id=CVE-2014-3793
VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors. VMware Tools en VMware Workstation 10.x anterior a 10.0.2, VMware Player 6.x anterior a 6.0.2, VMware Fusion 6.x anterior a 6.0.3 y VMware ESXi 5.0 hasta 5.5, cuando un sistema operativo invitado de Windows 8.1 está utilizado, permite a usuarios del sistema operativo invitado ganar privilegios del sistema operativo invitado o causar una denegación de servicio (referencia a puntero nulo de kernel y caída del sistema operativo invitado) a través de vectores no especificados. • http://packetstormsecurity.com/files/126869/VMware-Security-Advisory-2014-0005.html http://secunia.com/advisories/58894 http://www.securityfocus.com/archive/1/532236/100/0/threaded http://www.securitytracker.com/id/1030310 http://www.securitytracker.com/id/1030311 http://www.vmware.com/security/advisories/VMSA-2014-0005.html •
CVE-2014-1208
https://notcve.org/view.php?id=CVE-2014-1208
VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port. VMware Workstation 9.x anteriores a 9.0.1, WMware Player 5.x anteriores a 5.0.1, VMware Fusion 5.x anteriores a 5.0.1, VMware ESXi 4.0 hasta 5.1, y WMware ESX 4.0 y 4.1 permite a usuarios invitado del sistema causar una denegación de servicio (ruptura de proceso VMX) utilizando un puerto inválido. • http://osvdb.org/102197 http://secunia.com/advisories/56499 http://www.securityfocus.com/bid/64994 http://www.securitytracker.com/id/1029643 http://www.securitytracker.com/id/1029644 http://www.vmware.com/security/advisories/VMSA-2014-0001.html https://exchange.xforce.ibmcloud.com/vulnerabilities/90558 •