All the vulnerabilites related to vmware - view
cve-2012-1511
Vulnerability from cvelistv5
Published
2012-03-16 20:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1026814 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vmware.com/security/advisories/VMSA-2012-0004.html | x_refsource_CONFIRM | |
| http://osvdb.org/80118 | vdb-entry, x_refsource_OSVDB | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16664 | vdb-entry, signature, x_refsource_OVAL | |
| http://secunia.com/advisories/48379 | third-party-advisory, x_refsource_SECUNIA | |
| http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/52526 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1026814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026814"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"name": "80118",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80118"
},
{
"name": "oval:org.mitre.oval:def:16664",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16664"
},
{
"name": "48379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48379"
},
{
"name": "20120316 VMSA-2012-0004 VMware View privilege escalation and cross-site scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"name": "52526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52526"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-05T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1026814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026814"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"name": "80118",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80118"
},
{
"name": "oval:org.mitre.oval:def:16664",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16664"
},
{
"name": "48379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48379"
},
{
"name": "20120316 VMSA-2012-0004 VMware View privilege escalation and cross-site scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"name": "52526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52526"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1511",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1026814",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026814"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"name": "80118",
"refsource": "OSVDB",
"url": "http://osvdb.org/80118"
},
{
"name": "oval:org.mitre.oval:def:16664",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16664"
},
{
"name": "48379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48379"
},
{
"name": "20120316 VMSA-2012-0004 VMware View privilege escalation and cross-site scripting",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"name": "52526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52526"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1511",
"datePublished": "2012-03-16T20:00:00",
"dateReserved": "2012-03-08T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1509
Vulnerability from cvelistv5
Published
2012-03-16 20:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/74096 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1026814 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vmware.com/security/advisories/VMSA-2012-0004.html | x_refsource_CONFIRM | |
| http://osvdb.org/80116 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/48379 | third-party-advisory, x_refsource_SECUNIA | |
| http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/52524 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2012-0005.html | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17151 | vdb-entry, signature, x_refsource_OVAL |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "vmware-view-xpdm-priv-esc(74096)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74096"
},
{
"name": "1026814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026814"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"name": "80116",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80116"
},
{
"name": "48379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48379"
},
{
"name": "20120316 VMSA-2012-0004 VMware View privilege escalation and cross-site scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"name": "52524",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52524"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"name": "oval:org.mitre.oval:def:17151",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17151"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "vmware-view-xpdm-priv-esc(74096)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74096"
},
{
"name": "1026814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026814"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"name": "80116",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80116"
},
{
"name": "48379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48379"
},
{
"name": "20120316 VMSA-2012-0004 VMware View privilege escalation and cross-site scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"name": "52524",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52524"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"name": "oval:org.mitre.oval:def:17151",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17151"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1509",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "vmware-view-xpdm-priv-esc(74096)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74096"
},
{
"name": "1026814",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026814"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"name": "80116",
"refsource": "OSVDB",
"url": "http://osvdb.org/80116"
},
{
"name": "48379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48379"
},
{
"name": "20120316 VMSA-2012-0004 VMware View privilege escalation and cross-site scripting",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"name": "52524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52524"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"name": "oval:org.mitre.oval:def:17151",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17151"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1509",
"datePublished": "2012-03-16T20:00:00",
"dateReserved": "2012-03-08T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1666
Vulnerability from cvelistv5
Published
2012-09-08 10:00
Modified
2024-09-17 01:56
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html | mailing-list, x_refsource_BUGTRAQ | |
| https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:02.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120904 VMWare Tools susceptible to binary planting by hijack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-08T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120904 VMWare Tools susceptible to binary planting by hijack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120904 VMWare Tools susceptible to binary planting by hijack",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html"
},
{
"name": "https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1666",
"datePublished": "2012-09-08T10:00:00Z",
"dateReserved": "2012-03-15T00:00:00Z",
"dateUpdated": "2024-09-17T01:56:57.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1510
Vulnerability from cvelistv5
Published
2012-03-16 20:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1026814 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vmware.com/security/advisories/VMSA-2012-0004.html | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17258 | vdb-entry, signature, x_refsource_OVAL | |
| http://secunia.com/advisories/48378 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/48379 | third-party-advisory, x_refsource_SECUNIA | |
| http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/52524 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/74097 | vdb-entry, x_refsource_XF | |
| http://www.vmware.com/security/advisories/VMSA-2012-0005.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1026818 | vdb-entry, x_refsource_SECTRACK | |
| http://osvdb.org/80117 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:02.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1026814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026814"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"name": "oval:org.mitre.oval:def:17258",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17258"
},
{
"name": "48378",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48378"
},
{
"name": "48379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48379"
},
{
"name": "20120316 VMSA-2012-0004 VMware View privilege escalation and cross-site scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"name": "52524",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52524"
},
{
"name": "vmware-wddm-priv-esc(74097)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74097"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"name": "1026818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026818"
},
{
"name": "80117",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80117"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1026814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026814"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"name": "oval:org.mitre.oval:def:17258",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17258"
},
{
"name": "48378",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48378"
},
{
"name": "48379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48379"
},
{
"name": "20120316 VMSA-2012-0004 VMware View privilege escalation and cross-site scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"name": "52524",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52524"
},
{
"name": "vmware-wddm-priv-esc(74097)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74097"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"name": "1026818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026818"
},
{
"name": "80117",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80117"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1510",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1026814",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026814"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"name": "oval:org.mitre.oval:def:17258",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17258"
},
{
"name": "48378",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48378"
},
{
"name": "48379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48379"
},
{
"name": "20120316 VMSA-2012-0004 VMware View privilege escalation and cross-site scripting",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"name": "52524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52524"
},
{
"name": "vmware-wddm-priv-esc(74097)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74097"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"name": "1026818",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026818"
},
{
"name": "80117",
"refsource": "OSVDB",
"url": "http://osvdb.org/80117"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1510",
"datePublished": "2012-03-16T20:00:00",
"dateReserved": "2012-03-08T00:00:00",
"dateUpdated": "2024-08-06T19:01:02.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1406
Vulnerability from cvelistv5
Published
2013-02-11 22:00
Modified
2024-08-06 14:57
Severity ?
EPSS score ?
Summary
The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17164 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.vmware.com/security/advisories/VMSA-2013-0002.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:57:05.143Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:17164",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17164"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:17164",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17164"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1406",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:17164",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17164"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2013-0002.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1406",
"datePublished": "2013-02-11T22:00:00",
"dateReserved": "2013-01-19T00:00:00",
"dateUpdated": "2024-08-06T14:57:05.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-5978
Vulnerability from cvelistv5
Published
2012-12-19 11:00
Modified
2024-08-06 21:21
Severity ?
EPSS score ?
Summary
Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2012-0017.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1027875 | vdb-entry, x_refsource_SECTRACK | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17049 | vdb-entry, signature, x_refsource_OVAL |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:21:28.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0017.html"
},
{
"name": "1027875",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027875"
},
{
"name": "oval:org.mitre.oval:def:17049",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0017.html"
},
{
"name": "1027875",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027875"
},
{
"name": "oval:org.mitre.oval:def:17049",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17049"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5978",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0017.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0017.html"
},
{
"name": "1027875",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027875"
},
{
"name": "oval:org.mitre.oval:def:17049",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17049"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5978",
"datePublished": "2012-12-19T11:00:00",
"dateReserved": "2012-11-21T00:00:00",
"dateUpdated": "2024-08-06T21:21:28.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1508
Vulnerability from cvelistv5
Published
2012-03-16 20:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/80115 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1026814 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vmware.com/security/advisories/VMSA-2012-0004.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/48378 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/48379 | third-party-advisory, x_refsource_SECUNIA | |
| http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/52524 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2012-0005.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1026818 | vdb-entry, x_refsource_SECTRACK | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17183 | vdb-entry, signature, x_refsource_OVAL |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "80115",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80115"
},
{
"name": "1026814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026814"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"name": "48378",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48378"
},
{
"name": "48379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48379"
},
{
"name": "20120316 VMSA-2012-0004 VMware View privilege escalation and cross-site scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"name": "52524",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52524"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"name": "1026818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026818"
},
{
"name": "oval:org.mitre.oval:def:17183",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17183"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "80115",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80115"
},
{
"name": "1026814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026814"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"name": "48378",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48378"
},
{
"name": "48379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48379"
},
{
"name": "20120316 VMSA-2012-0004 VMware View privilege escalation and cross-site scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"name": "52524",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52524"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"name": "1026818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026818"
},
{
"name": "oval:org.mitre.oval:def:17183",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17183"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1508",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "80115",
"refsource": "OSVDB",
"url": "http://osvdb.org/80115"
},
{
"name": "1026814",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026814"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"name": "48378",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48378"
},
{
"name": "48379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48379"
},
{
"name": "20120316 VMSA-2012-0004 VMware View privilege escalation and cross-site scripting",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"name": "52524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52524"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"name": "1026818",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026818"
},
{
"name": "oval:org.mitre.oval:def:17183",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17183"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1508",
"datePublished": "2012-03-16T20:00:00",
"dateReserved": "2012-03-08T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2012-12-19 11:56
Modified
2024-11-21 01:45
Severity ?
Summary
Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:view:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B7952E0E-6986-48BF-865C-189033AEB91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:4.0.0:u2:*:*:*:*:*:*",
"matchCriteriaId": "9D0C4BA2-E018-4C74-B259-E0CE3109A864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE652F1-BC10-497D-A244-D893A148483D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4346ED63-851E-43E9-933D-7CCAFA43B17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7373CD57-520C-46D9-9728-28E976AA87FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8E256-7371-4702-96AC-3A72A364D88A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:5.0.0:u2:*:*:*:*:*:*",
"matchCriteriaId": "B6E0DE85-7C49-4446-9407-1778F438806B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F21D6157-BB2F-4D13-871C-654287765ABC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "45F2841C-51B4-49EA-B6F6-8C67525233A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de salto de directorio en (1) View Connection Server y (2) View Security Server en VMware View v4.x antes de v4.6.2 y v5.x antes de v5.1.2 permiten a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de vectores no especificados.\r\n"
}
],
"id": "CVE-2012-5978",
"lastModified": "2024-11-21T01:45:38.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-12-19T11:56:00.030",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027875"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0017.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17049"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-16 20:55
Modified
2024-11-21 01:37
Severity ?
Summary
The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "889DE9BE-886F-4BEF-A794-5B5DE73D2322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D3C6FC4-DAE3-42DB-B845-593BBD2A50BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:*:*:*:*:*:*:*:*",
"matchCriteriaId": "661A2BED-3920-4EF1-81DA-6569912CF3D4",
"versionEndIncluding": "4.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors."
},
{
"lang": "es",
"value": "El driver XPDM en VMware ESXi v4.0, v4.1, y v5.0; VMware ESX v4.0 y v4.1; y VMware View anterior a v4.6.1 permite a usuarios invitado del SO ganas privilegios de invitado o causar una denagaci\u00f3n de servicio (NULL pointer dereference) mediante vectores no especificados"
}
],
"id": "CVE-2012-1508",
"lastModified": "2024-11-21T01:37:07.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-16T20:55:00.847",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80115"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48378"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48379"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52524"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026814"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026818"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17183"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-09-08 10:28
Modified
2024-11-21 01:37
Severity ?
Summary
Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | * | |
| vmware | workstation | 8.0 | |
| vmware | workstation | 8.0.0.18997 | |
| vmware | workstation | 8.0.1 | |
| vmware | workstation | 8.0.1.27038 | |
| vmware | workstation | 8.0.2 | |
| vmware | player | * | |
| vmware | player | 4.0 | |
| vmware | player | 4.0.0.18997 | |
| vmware | player | 4.0.1 | |
| vmware | player | 4.0.2 | |
| vmware | fusion | * | |
| vmware | fusion | 4.0 | |
| vmware | fusion | 4.0.1 | |
| vmware | fusion | 4.0.2 | |
| vmware | fusion | 4.1 | |
| vmware | view | * | |
| vmware | view | 4.6.0 | |
| vmware | esx | 4.1 | |
| vmware | esx | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C31BB23E-4BAF-4C07-B613-98E590695A7B",
"versionEndIncluding": "8.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE22BB0-F375-4883-BF6C-5A6369694EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.0.18997:*:*:*:*:*:*:*",
"matchCriteriaId": "01483038-BC89-44BA-B07B-362FC5D7E8C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD913295-9302-425A-A9E1-B0DF76AD3069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1.27038:*:*:*:*:*:*:*",
"matchCriteriaId": "B671AC17-7064-4541-ADB3-FCD72109C766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51B6CAE2-A396-40C8-8FF0-D9EC64D5C9A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18A0EAA7-72FF-4910-931B-D18C7407CF1E",
"versionEndIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "535E3D3C-76A5-405A-8F9D-21A86ED31D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.0.18997:*:*:*:*:*:*:*",
"matchCriteriaId": "81AFBBE6-0B3B-44DB-BBEB-08C8B2C39038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09D7FB-78EE-4168-996D-FD3CF2E187BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "816F1646-A1C9-4E4A-BCE1-A34D00B51ABE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B8519FA-C221-4D6F-B418-D2FED3B9D634",
"versionEndIncluding": "4.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60234129-7F7F-49FA-A425-CDAB4D09AB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB73EC4-F3CE-428B-BA40-47FB21181543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "927863C2-5A61-4137-83AC-6CF3F2958941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F74559CB-6E52-421F-88F3-739913C26C8E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:view:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D11ED8-646B-4F8E-A0E5-56C6964F9D61",
"versionEndIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4346ED63-851E-43E9-933D-7CCAFA43B17B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E52EEFA3-BE68-4AFF-A22C-036D33306AF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory."
},
{
"lang": "es",
"value": "Vulnerabilidad de path de b\u00fasqueda no confiable en VMware Tools en VMware Workstation anteriores a v8.0.4, VMware Player anteriores a v4.0.4, VMware Fusion anteriores a v4.1.2, VMware View anteriores a v5.1, y VMware ESX v4.1 anteriores a vU3 y v5.0 anteriores a vP03, permite a usuario locales obtener privilegios a trav\u00e9s de un fichero tpfc.dll troyanizado en el directorio de trabajo actual."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\n\u0027CWE-426 Untrusted Search Path\u0027",
"id": "CVE-2012-1666",
"lastModified": "2024-11-21T01:37:25.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-08T10:28:20.367",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-16 20:55
Modified
2024-11-21 01:37
Severity ?
Summary
Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "889DE9BE-886F-4BEF-A794-5B5DE73D2322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D3C6FC4-DAE3-42DB-B845-593BBD2A50BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:*:*:*:*:*:*:*:*",
"matchCriteriaId": "661A2BED-3920-4EF1-81DA-6569912CF3D4",
"versionEndIncluding": "4.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el driver WDDM en VMware ESXi v4.0, v4.1, y v5.0; VMware ESX v4.0 y v4.1; y VMware View anterior a v4.6.1, permite a usuarios invitados del OS obtener privilegios de invitado mediante vectores no especificados."
}
],
"id": "CVE-2012-1510",
"lastModified": "2024-11-21T01:37:07.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-16T20:55:01.003",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80117"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48378"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48379"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52524"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026814"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026818"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74097"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17258"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-16 20:55
Modified
2024-11-21 01:37
Severity ?
Summary
Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:view:*:*:*:*:*:*:*:*",
"matchCriteriaId": "661A2BED-3920-4EF1-81DA-6569912CF3D4",
"versionEndIncluding": "4.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el driver XPDM en VMware View anterior a v4.6.1 permite a usuarios invitados del SO ganar privilegios de invitado mediante vectores no especificados."
}
],
"id": "CVE-2012-1509",
"lastModified": "2024-11-21T01:37:07.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-16T20:55:00.910",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80116"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48379"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52524"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026814"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74096"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17151"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17151"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-16 20:55
Modified
2024-11-21 01:37
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:view:*:*:*:*:*:*:*:*",
"matchCriteriaId": "661A2BED-3920-4EF1-81DA-6569912CF3D4",
"versionEndIncluding": "4.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en View Manager Portal en VMware View anterior a v4.6.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de una URL manipulada."
}
],
"id": "CVE-2012-1511",
"lastModified": "2024-11-21T01:37:07.810",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-03-16T20:55:01.037",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80118"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48379"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52526"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026814"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16664"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-02-11 22:55
Modified
2024-11-21 01:49
Severity ?
Summary
The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 8.0 | |
| vmware | workstation | 8.0.0.18997 | |
| vmware | workstation | 8.0.1 | |
| vmware | workstation | 8.0.1.27038 | |
| vmware | workstation | 8.0.2 | |
| vmware | workstation | 8.0.3 | |
| vmware | workstation | 8.0.4 | |
| vmware | workstation | 9.0 | |
| microsoft | windows | * | |
| vmware | fusion | 4.1 | |
| vmware | fusion | 4.1.1 | |
| vmware | fusion | 4.1.2 | |
| vmware | fusion | 4.1.3 | |
| vmware | fusion | 5.0 | |
| vmware | fusion | 5.0.1 | |
| vmware | view | 4.0.0 | |
| vmware | view | 4.0.0 | |
| vmware | view | 4.5 | |
| vmware | view | 4.6.0 | |
| vmware | view | 4.6.1 | |
| vmware | view | 5.0 | |
| vmware | view | 5.0.0 | |
| vmware | view | 5.0.0 | |
| vmware | view | 5.0.1 | |
| vmware | view | 5.1.0 | |
| vmware | view | 5.1.1 | |
| microsoft | windows | * | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.1 | |
| vmware | esx | 4.0 | |
| vmware | esx | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE22BB0-F375-4883-BF6C-5A6369694EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.0.18997:*:*:*:*:*:*:*",
"matchCriteriaId": "01483038-BC89-44BA-B07B-362FC5D7E8C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD913295-9302-425A-A9E1-B0DF76AD3069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1.27038:*:*:*:*:*:*:*",
"matchCriteriaId": "B671AC17-7064-4541-ADB3-FCD72109C766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51B6CAE2-A396-40C8-8FF0-D9EC64D5C9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "21644868-F1B0-4A8E-BE73-4F42BEB8E834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4944D9B1-A48B-4F32-951E-BEC3FEAC45FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B439F706-27F8-4238-9396-B460EB78B6DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F74559CB-6E52-421F-88F3-739913C26C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4870DAA2-6670-47EF-BF74-6E39B92E75DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70C64B80-4928-4ABA-AF4E-1977C252BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8C8358B-4543-431C-B894-BD2CA04AD97C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EEF165A-4E09-4FF0-A577-FF429BCCF588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDC22BC2-DC74-4322-929C-7F82C083C1C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:view:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B7952E0E-6986-48BF-865C-189033AEB91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:4.0.0:u2:*:*:*:*:*:*",
"matchCriteriaId": "9D0C4BA2-E018-4C74-B259-E0CE3109A864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE652F1-BC10-497D-A244-D893A148483D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4346ED63-851E-43E9-933D-7CCAFA43B17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7373CD57-520C-46D9-9728-28E976AA87FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "08133352-C2AE-4656-8A41-2D054F8DC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8E256-7371-4702-96AC-3A72A364D88A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:5.0.0:u2:*:*:*:*:*:*",
"matchCriteriaId": "B6E0DE85-7C49-4446-9407-1778F438806B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F21D6157-BB2F-4D13-871C-654287765ABC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "45F2841C-51B4-49EA-B6F6-8C67525233A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A41C1B-AD58-42DD-8975-3CD6F0A34C15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:1:*:*:*:*:*:*",
"matchCriteriaId": "0A4E41C0-31FA-47AA-A9BF-B9A6C1D44801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:2:*:*:*:*:*:*",
"matchCriteriaId": "AF016EE7-083A-4D62-A6D4-2807EB47B6DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:3:*:*:*:*:*:*",
"matchCriteriaId": "8F11844A-3C6C-4AA5-87DC-979AFF62867A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:4:*:*:*:*:*:*",
"matchCriteriaId": "AC463653-A599-45CF-8EA9-8854D5C59963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:1:*:*:*:*:*:*",
"matchCriteriaId": "4DC5C2BF-6EC6-436F-A925-469E87249C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:2:*:*:*:*:*:*",
"matchCriteriaId": "7BCE5DA9-BB88-4169-B77C-40B1F98D511A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:1:*:*:*:*:*:*",
"matchCriteriaId": "7C5A1C2B-119E-49F3-B8E6-0610EE1C445C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:2:*:*:*:*:*:*",
"matchCriteriaId": "AF29B5A4-6E4C-4EAE-BC6A-0DD44262EE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7217CBE1-3882-4045-A15C-EE7D4174CA00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "La implementaci\u00f3n en vmci.sys en el Virtual Machine Communication Interface (VMCI) en VMware Workstation v8.x anterior a v8.0.5 y v9.x anterior a v9.0.1 para Windows, VMware Fusion v4.1 anterior a v4.1.4 y 5.0 anterior a v5.0.2, VMware View v4.x anterior a v4.6.2 y v5.x anterior a v5.1.2 para Windows, VMware ESXi v4.0 a la v5.1, y VMware ESX v4.0 y v4.1, no restringe adecuadamente la asignaci\u00f3n de memoria por control c\u00f3digo, lo que permite a usuarios locales elevar sus privilegios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-1406",
"lastModified": "2024-11-21T01:49:30.850",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-02-11T22:55:01.413",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0002.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17164"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}