All the vulnerabilites related to vmware - vmware_server
Vulnerability from fkie_nvd
Published
2008-03-20 00:44
Modified
2024-11-21 00:44
Severity ?
Summary
Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption."
References
cve@mitre.orghttp://lists.vmware.com/pipermail/security-announce/2008/000008.htmlPatch
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-201209-25.xml
cve@mitre.orghttp://securityreason.com/securityalert/3755
cve@mitre.orghttp://securitytracker.com/id?1019624
cve@mitre.orghttp://www.securityfocus.com/archive/1/489739/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/28276Patch
cve@mitre.orghttp://www.securityfocus.com/bid/28289
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2008-0005.htmlPatch
cve@mitre.orghttp://www.vmware.com/support/ace2/doc/releasenotes_ace2.htmlPatch
cve@mitre.orghttp://www.vmware.com/support/player2/doc/releasenotes_player2.htmlPatch
cve@mitre.orghttp://www.vmware.com/support/ws6/doc/releasenotes_ws6.htmlPatch
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/0905/references
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/41250
af854a3a-2127-422b-91ae-364da2661108http://lists.vmware.com/pipermail/security-announce/2008/000008.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201209-25.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3755
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1019624
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/489739/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/28276Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/28289
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0005.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/ace2/doc/releasenotes_ace2.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/player2/doc/releasenotes_player2.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/ws6/doc/releasenotes_ws6.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0905/references
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/41250
Impacted products
Vendor Product Version
vmware ace 1.0
vmware ace 2.0
vmware player 1.0.2
vmware player 1.0.3
vmware player 1.0.4
vmware player 1.0.5
vmware player 2.0
vmware player 2.0.1
vmware player 2.0.2
vmware server 1.0.3
vmware vmware_server 1.0.2
vmware vmware_server 1.0.4
vmware vmware_workstation 5.5.5
vmware vmware_workstation 6.0.1
vmware vmware_workstation 6.0.2
vmware workstation 5.5
vmware workstation 5.5.3_build_34685
vmware workstation 5.5.3_build_42958
vmware workstation 5.5.4
vmware workstation 5.5.4_build_44386
vmware workstation 6.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
              "matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger \"memory exhaustion and memory corruption.\""
    },
    {
      "lang": "es",
      "value": "Virtual Machine Communication Interface (VMCI) en VMware Workstation versiones 6.0.x anteriores a 6.0.3, VMware Player versiones 2.0.x anterirores a 2.0.3, y VMware ACE versiones 2.0.x anteriores a 2.0.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema operativo del servidor) mediante llamadas VMCI especialmente construidas que provocan el agotamiento y la corrupci\u00f3n de la memoria."
    }
  ],
  "id": "CVE-2008-1340",
  "lastModified": "2024-11-21T00:44:18.530",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-03-20T00:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3755"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1019624"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28276"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/28289"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0905/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41250"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28276"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28289"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0905/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41250"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-09-03 14:12
Modified
2024-11-21 00:49
Severity ?
Summary
An unspecified ISAPI extension in VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (IIS crash) via a malformed request.
References
cve@mitre.orghttp://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
cve@mitre.orghttp://secunia.com/advisories/31708Vendor Advisory
cve@mitre.orghttp://securityreason.com/securityalert/4202
cve@mitre.orghttp://www.securityfocus.com/archive/1/495869/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/30935
cve@mitre.orghttp://www.securitytracker.com/id?1020789
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2008-0014.html
cve@mitre.orghttp://www.vmware.com/support/server/doc/releasenotes_server.html
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/2466
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/44796
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31708Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/4202
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/495869/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/30935
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020789
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0014.html
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/server/doc/releasenotes_server.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2466
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/44796
Impacted products
Vendor Product Version
vmware server 1.0.1_build_29996
vmware server 1.0.3
vmware server 1.0.4_build_56528
vmware vmware_server *
vmware vmware_server 1.0
vmware vmware_server 1.0.0
vmware vmware_server 1.0.1
vmware vmware_server 1.0.2
vmware vmware_server 1.0.4
vmware vmware_server 1.0.5


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:server:1.0.1_build_29996:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB051A5C-5F66-4732-949A-48B0FDE4AFF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:server:1.0.4_build_56528:*:*:*:*:*:*:*",
              "matchCriteriaId": "87489138-7756-453C-A149-F2C4F95EFF9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F800DA-B1AF-469E-AE41-D3D46813EFB3",
              "versionEndIncluding": "1.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "025EC5A6-E4DF-421F-911B-BD15FBF2A3BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8230EFE6-8AB6-41DF-9A46-CAE4E5BB7F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B2C792F-48DA-46B5-B42E-9A045B393531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6F9A4A-41B0-48D9-B60C-EBF4EF899953",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An unspecified ISAPI extension in VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (IIS crash) via a malformed request."
    },
    {
      "lang": "es",
      "value": "Una extensi\u00f3n ISAPI sin especificar en VMware Server versiones anteriores a 1.0.7 build 108231 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda IIS) a trav\u00e9s de peticiones mal formadas."
    }
  ],
  "id": "CVE-2008-3697",
  "lastModified": "2024-11-21T00:49:54.027",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-09-03T14:12:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31708"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/4202"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/30935"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020789"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/2466"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44796"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/4202"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/30935"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020789"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2466"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44796"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-10-13 01:17
Modified
2024-11-21 00:37
Severity ?
Summary
Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the ConnectPopulatedDiskEx function.
References
cve@mitre.orghttp://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
cve@mitre.orghttp://osvdb.org/43488
cve@mitre.orghttp://secunia.com/advisories/31707Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/31708Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/31709Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/31710Vendor Advisory
cve@mitre.orghttp://securityreason.com/securityalert/3219
cve@mitre.orghttp://www.eleytt.com/advisories/eleytt_VMWARE1.pdf
cve@mitre.orghttp://www.securityfocus.com/archive/1/482021/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/495869/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/26025
cve@mitre.orghttp://www.securitytracker.com/id?1020791
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2008-0014.html
cve@mitre.orghttp://www.vmware.com/support/ace/doc/releasenotes_ace.html
cve@mitre.orghttp://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
cve@mitre.orghttp://www.vmware.com/support/player/doc/releasenotes_player.html
cve@mitre.orghttp://www.vmware.com/support/player2/doc/releasenotes_player2.html
cve@mitre.orghttp://www.vmware.com/support/server/doc/releasenotes_server.html
cve@mitre.orghttp://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
cve@mitre.orghttp://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/2466Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/43488
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31707Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31708Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31709Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31710Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3219
af854a3a-2127-422b-91ae-364da2661108http://www.eleytt.com/advisories/eleytt_VMWARE1.pdf
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/482021/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/495869/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/26025
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020791
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0014.html
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/ace/doc/releasenotes_ace.html
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/player/doc/releasenotes_player.html
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/player2/doc/releasenotes_player2.html
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/server/doc/releasenotes_server.html
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2466Vendor Advisory
Impacted products
Vendor Product Version
vmware ace 1.0
vmware ace 1.0.1
vmware ace 1.0.2
vmware ace 1.0.3
vmware ace 1.0.4
vmware ace 1.0.5
vmware ace 1.0.6
vmware ace 1.0.7
vmware ace 2.0
vmware ace 2.0.1
vmware ace 2.0.2
vmware ace 2.0.3
vmware ace 2.0.4
vmware ace 2.0.5
vmware vmware_player 1.0.0
vmware vmware_player 1.0.1
vmware vmware_player 1.0.2
vmware vmware_player 1.0.3
vmware vmware_player 1.0.4
vmware vmware_player 1.0.5
vmware vmware_player 1.0.6
vmware vmware_player 1.0.7
vmware vmware_player 1.0.8
vmware vmware_player 2.0
vmware vmware_player 2.0.1
vmware vmware_player 2.0.2
vmware vmware_player 2.0.3
vmware vmware_player 2.0.4
vmware vmware_player 2.0.5
vmware vmware_server *
vmware vmware_server 1.0
vmware vmware_server 1.0.1
vmware vmware_server 1.0.2
vmware vmware_server 1.0.3
vmware vmware_server 1.0.4
vmware vmware_server 1.0.5
vmware vmware_server 1.0.6
vmware vmware_workstation 5.5.0
vmware vmware_workstation 5.5.1
vmware vmware_workstation 5.5.2
vmware vmware_workstation 5.5.3
vmware vmware_workstation 5.5.4
vmware vmware_workstation 5.5.5
vmware vmware_workstation 5.5.6
vmware vmware_workstation 5.5.7
vmware vmware_workstation 5.5.8
vmware vmware_workstation 6.0
vmware vmware_workstation 6.0.1
vmware vmware_workstation 6.0.2
vmware vmware_workstation 6.0.3
vmware vmware_workstation 6.0.4
vmware vmware_workstation 6.0.5


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFC82A8C-E561-4E35-A84D-66A4D6C90264",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D346E48-887C-4D02-BFD3-D323B7F3871C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9C6150A-2DF3-4F7B-B024-0F3DBB686124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40192EE1-A300-42C3-BC98-286C9E5A281E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "87291B27-442C-4CAB-94A1-67FC766486EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B04862-4377-422E-931A-B17FE1CA1884",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C35B6730-F05B-4B62-B4DE-07C61A4924F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D22E40D-C362-49FD-924C-262A64555934",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A48CEB4-5864-4A0F-B14C-CFE4699C3311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "78957047-FB9F-4D1D-B3D9-91257A6B4D7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A04DB52-C66C-4AA9-9D6F-9D2DC202C5C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "280033C5-90EF-4825-A87D-B23650D8C71A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3771AFCF-E247-427A-8076-9E36EA457658",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C124AC-C421-459E-8251-E7B3BD33874B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "65DD6966-72EA-4C4D-BC90-B0D534834BA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBFC9B7A-8A40-467B-9102-EE5259EC4D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E684965-43F7-4A51-850F-4C88F42940E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB9565E5-042E-4C62-A7C7-54808B15F0BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "357B60EC-C5F1-4FA4-B4AF-F81298479D39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "933562E3-B6D5-4250-A07B-AB8437ED4D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "09F23F68-6853-4862-99CB-4F214816358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4FFF490-8AA9-4296-99F0-DC57E5D4F56C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FC850AB-7728-4EE3-9EB5-E1E4D7338202",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B1CA212-4114-4D45-B746-9C2AAF60CFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5085E31D-7472-408B-A85D-90337407A24F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D57F024-3484-4EEA-8F9E-08A1AE5E3D19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "13D82E91-181E-4E7D-943D-6FC74D40CEB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "468BCB8E-139E-4340-B671-7DB979499D14",
              "versionEndIncluding": "1.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "025EC5A6-E4DF-421F-911B-BD15FBF2A3BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B2C792F-48DA-46B5-B42E-9A045B393531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CA04700-CF35-43CA-AD4E-BB93E206FDD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6F9A4A-41B0-48D9-B60C-EBF4EF899953",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "11AEF399-7640-45CB-9393-11F06D0E13C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270D5FAD-A226-4F6F-BF0B-2C6D91C525D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6811B662-07E0-4B95-BFC6-C87C02110C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "504CD24F-2EC6-45C0-8E46-69BAE8483521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0EAB3D2-79EE-43A3-8A08-3E8140C1B1A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE15637B-FAE4-4FC7-8F45-B3B1554F8F3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B32C157-020F-400B-970C-B93CF573EB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E1F0A2-8791-4627-8583-55B2A67D2F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3767CDDC-DF72-4AAE-B544-D2DFE02A199D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "640130AA-C905-4DD6-97BD-ABA90705F0B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EBBFDD-AC46-481A-8DA7-64619B447637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC0B1FF0-80DC-433B-9298-346225060808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ECA0396-CBCA-4D21-BD9A-EFCE24D616D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the ConnectPopulatedDiskEx function."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en un cierto control ActiveX en Reconfig.DLL en VMware Workstation 5.5.x anteriores al 5.5.8 build 108000, VMware Workstation versiones 6.0.x anteriores a 6.0.5 build 109488, VMware Player versiones 1.x anteriores a 1.0.8 build 108000, VMware Player versiones 2.x anteriores a 2.0.5 build 109488, VMware ACE versiones 1.x anteriores a 1.0.7 build 108880, VMware ACE versiones 2.x anteriores a 2.0.5 build 109488 y VMware Server versiones anteriores a 1.0.7 build 108231, podr\u00eda permitir a usuarios locales una denegaci\u00f3n de servicio al Virtual Disk Mount Service (vmount2.exe), relacionado con la funci\u00f3n ConnectPopulatedDiskEx."
    }
  ],
  "id": "CVE-2007-5438",
  "lastModified": "2024-11-21T00:37:53.830",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 1.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-10-13T01:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/43488"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31707"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31708"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31709"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31710"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3219"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.eleytt.com/advisories/eleytt_VMWARE1.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26025"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020791"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2466"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/43488"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31707"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31709"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31710"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.eleytt.com/advisories/eleytt_VMWARE1.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26025"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020791"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2466"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-06-05 20:32
Modified
2024-11-21 00:38
Severity ?
Summary
HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\.\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges.
References
cve@mitre.orghttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712
cve@mitre.orghttp://secunia.com/advisories/30556Vendor Advisory
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-201209-25.xml
cve@mitre.orghttp://securityreason.com/securityalert/3922
cve@mitre.orghttp://securitytracker.com/id?1020197
cve@mitre.orghttp://www.securityfocus.com/archive/1/493080/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/493148/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/493172/100/0/threaded
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2008-0009.html
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/1744
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30556Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201209-25.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3922
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1020197
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/493080/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/493148/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/493172/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0009.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1744
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688
Impacted products
Vendor Product Version
vmware ace 1.0.0
vmware ace 1.0.1
vmware ace 1.0.2
vmware ace 1.0.3
vmware ace 1.0.4
vmware esx_server 2.5.5
vmware player 1.0.4
vmware server 1.0.3
vmware vmware_player 1.0.0
vmware vmware_player 1.0.1
vmware vmware_player 1.0.2
vmware vmware_player 1.0.3
vmware vmware_player 1.0.5
vmware vmware_server 1.0.0
vmware vmware_server 1.0.1
vmware vmware_server 1.0.2
vmware vmware_server 1.0.4
vmware vmware_workstation 5.5.0
vmware vmware_workstation 5.5.2
vmware vmware_workstation 5.5.5
vmware workstation 5.5.1
vmware workstation 5.5.3
vmware workstation 5.5.4
vmware esx 2.5.4
vmware esx 3.0.0
vmware esx 3.0.1
vmware esx 3.0.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "700C0BB4-2272-4405-9D9A-A636E3D22461",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFC82A8C-E561-4E35-A84D-66A4D6C90264",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D346E48-887C-4D02-BFD3-D323B7F3871C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9C6150A-2DF3-4F7B-B024-0F3DBB686124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40192EE1-A300-42C3-BC98-286C9E5A281E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:esx_server:2.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ADCA876-2B69-4267-8467-E7E470428D32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3771AFCF-E247-427A-8076-9E36EA457658",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C124AC-C421-459E-8251-E7B3BD33874B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "65DD6966-72EA-4C4D-BC90-B0D534834BA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBFC9B7A-8A40-467B-9102-EE5259EC4D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB9565E5-042E-4C62-A7C7-54808B15F0BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8230EFE6-8AB6-41DF-9A46-CAE4E5BB7F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B2C792F-48DA-46B5-B42E-9A045B393531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270D5FAD-A226-4F6F-BF0B-2C6D91C525D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "504CD24F-2EC6-45C0-8E46-69BAE8483521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "294B621F-6C1A-4571-AE13-49495680D255",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BA47458-E783-4A6A-ABF1-59E8D87E9B33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1BA6DF4-4D53-482A-8820-B9B0E6EBD51D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974D84A6-F5AB-4F0A-B9B5-9095A0E4733C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C3613B7-CA1B-4C9A-9076-A2894202DDA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE7ECF1C-285C-4AA3-8B66-28EDAB0763E8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\\\.\\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges."
    },
    {
      "lang": "es",
      "value": "HGFS.sys en el VMware Tools package en VMware Workstation 5.x anterior a 5.5.6 build 80404, VMware Player anterior a 1.0.6 build 80404, VMware ACE anterior a 1.0.5 build 79846, VMware Server anterior a 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2, no valida correctamente argumentos en el modo de usuario METHOD_NEITHER IOCTLs hacia  \\\\.\\hgfs, lo que permite al sistema operativo huesped, modificar ubicaciones de memoria de su elecci\u00f3n en el n\u00facleo de la memoria del sistema huesped y as\u00ed obtener privilegios."
    }
  ],
  "id": "CVE-2007-5671",
  "lastModified": "2024-11-21T00:38:25.913",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-06-05T20:32:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30556"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3922"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1020197"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/493148/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/493172/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1744"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30556"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3922"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1020197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/493148/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/493172/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1744"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-03-20 00:44
Modified
2024-11-21 00:44
Severity ?
Summary
Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service.
References
cve@mitre.orghttp://lists.vmware.com/pipermail/security-announce/2008/000008.htmlPatch
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-201209-25.xml
cve@mitre.orghttp://securityreason.com/securityalert/3755
cve@mitre.orghttp://securitytracker.com/id?1019623
cve@mitre.orghttp://www.securityfocus.com/archive/1/489739/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/28276
cve@mitre.orghttp://www.securityfocus.com/bid/28289
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2008-0005.htmlPatch
cve@mitre.orghttp://www.vmware.com/support/fusion/doc/releasenotes_fusion.htmlPatch
cve@mitre.orghttp://www.vmware.com/support/player/doc/releasenotes_player.htmlPatch
cve@mitre.orghttp://www.vmware.com/support/server/doc/releasenotes_server.htmlPatch
cve@mitre.orghttp://www.vmware.com/support/ws55/doc/releasenotes_ws55.htmlPatch
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/0905/references
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/41254
af854a3a-2127-422b-91ae-364da2661108http://lists.vmware.com/pipermail/security-announce/2008/000008.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201209-25.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3755
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1019623
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/489739/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/28276
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/28289
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0005.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/fusion/doc/releasenotes_fusion.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/player/doc/releasenotes_player.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/server/doc/releasenotes_server.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/ws55/doc/releasenotes_ws55.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0905/references
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/41254
Impacted products
Vendor Product Version
vmware ace 1.0
vmware ace 2.0
vmware player 1.0.2
vmware player 1.0.3
vmware player 1.0.4
vmware player 1.0.5
vmware player 2.0
vmware player 2.0.1
vmware player 2.0.2
vmware server 1.0.3
vmware vmware_server 1.0.2
vmware vmware_server 1.0.4
vmware vmware_workstation 5.5.5
vmware vmware_workstation 6.0.1
vmware vmware_workstation 6.0.2
vmware workstation 5.5
vmware workstation 5.5.3_build_34685
vmware workstation 5.5.3_build_42958
vmware workstation 5.5.4
vmware workstation 5.5.4_build_44386
vmware workstation 6.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
              "matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el servicio DHCP en VMware Workstation versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 1.0.x anteriores a 1.0.5, VMware Server versiones 1.0.x anteriores a 1.0.5, y VMware Fusion versiones 1.1.x anteriores a 1.1.1 permite a atacantes provocar una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2008-1364",
  "lastModified": "2024-11-21T00:44:22.493",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-03-20T00:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3755"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1019623"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/28276"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/28289"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0905/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41254"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019623"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28276"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28289"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0905/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41254"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of dhcp as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\n",
      "lastModified": "2008-06-03T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-06-05 20:32
Modified
2024-11-21 00:43
Severity ?
Summary
Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file.
References
cve@mitre.orghttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713
cve@mitre.orghttp://secunia.com/advisories/30556Vendor Advisory
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-201209-25.xml
cve@mitre.orghttp://securityreason.com/securityalert/3922
cve@mitre.orghttp://securitytracker.com/id?1020198
cve@mitre.orghttp://www.securityfocus.com/archive/1/493080/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/29557
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2008-0009.htmlVendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/1744Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/42878
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30556Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201209-25.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3922
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1020198
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/493080/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/29557
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0009.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1744Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/42878
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583
Impacted products
Vendor Product Version
vmware esx_server 2.5.5
vmware esx_server 3.1
vmware esx_server 3.2
vmware esx_server 3.3
vmware esx_server 3.5
vmware esxi 3.5
vmware player 1.0.0
vmware player 1.0.1
vmware player 1.0.2
vmware player 1.0.3
vmware player 1.0.4
vmware player 1.0.5
vmware player 1.0.6
vmware player 2.0
vmware player 2.0.1
vmware player 2.0.2
vmware player 2.0.3
vmware server 1.0.3
vmware vmware_server 1.0.0
vmware vmware_server 1.0.1
vmware vmware_server 1.0.2
vmware vmware_server 1.0.4
vmware vmware_server 1.0.5
vmware vmware_workstation 5.5.0
vmware vmware_workstation 5.5.2
vmware vmware_workstation 5.5.5
vmware vmware_workstation 5.5.6
vmware vmware_workstation 6.0.1
vmware vmware_workstation 6.0.2
vmware vmware_workstation 6.0.3
vmware workstation 5.5.1
vmware workstation 5.5.3
vmware workstation 5.5.4
vmware workstation 6.0
vmware esx 3.0.0
vmware esx 3.0.1
vmware esx 3.0.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:esx_server:2.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ADCA876-2B69-4267-8467-E7E470428D32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:esx_server:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB4346ED-5837-4784-8D87-6C148BA4AAA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:esx_server:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15063D48-B55F-41C4-8AE3-CB96F1F1BB86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:esx_server:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D40A48BB-A2E5-4D27-8E11-DE9D1CF08FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:esx_server:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "16EFF4E2-CA32-4FA4-AC4B-82D8C50769D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E76D03A3-DB55-48A2-B5A5-64002D28B95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAC68CA-DCA3-4399-807D-E7AC67C9C3E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA35C066-90A9-4DE2-A97A-38A6CFC59A42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D3F9D4D-2116-49A7-9292-AF6B4456E175",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8230EFE6-8AB6-41DF-9A46-CAE4E5BB7F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B2C792F-48DA-46B5-B42E-9A045B393531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6F9A4A-41B0-48D9-B60C-EBF4EF899953",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270D5FAD-A226-4F6F-BF0B-2C6D91C525D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "504CD24F-2EC6-45C0-8E46-69BAE8483521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B32C157-020F-400B-970C-B93CF573EB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EBBFDD-AC46-481A-8DA7-64619B447637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "294B621F-6C1A-4571-AE13-49495680D255",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BA47458-E783-4A6A-ABF1-59E8D87E9B33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974D84A6-F5AB-4F0A-B9B5-9095A0E4733C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C3613B7-CA1B-4C9A-9076-A2894202DDA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE7ECF1C-285C-4AA3-8B66-28EDAB0763E8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en vmware-authd en VMware Workstation versi\u00f3n 5.x anterior a 5.5.7 build 91707 y versi\u00f3n 6.x anterior a 6.0.4 build 93057, VMware Player versi\u00f3n 1.x anterior a 1.0.7 build 91707 y versi\u00f3n 2.x anterior a 2.0.4 build 93057, y VMware Server anterior a 1.0.6 build 91891 en Linux, y VMware ESXi versi\u00f3n 3.5 y VMware ESX versi\u00f3n 2.5.4 hasta 3.5, permite a los usuarios locales obtener privilegios por medio de una opci\u00f3n de path library en un archivo de configuraci\u00f3n."
    }
  ],
  "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html \r\n\u0027CWE-426: Untrusted Search Path\u0027",
  "id": "CVE-2008-0967",
  "lastModified": "2024-11-21T00:43:20.430",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-06-05T20:32:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30556"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3922"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1020198"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/29557"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1744"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42878"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30556"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3922"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1020198"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29557"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1744"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42878"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-03-20 00:44
Modified
2024-11-21 00:44
Severity ?
Summary
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362.
References
cve@mitre.orghttp://lists.vmware.com/pipermail/security-announce/2008/000008.html
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-201209-25.xml
cve@mitre.orghttp://securityreason.com/securityalert/3755
cve@mitre.orghttp://securitytracker.com/id?1019621
cve@mitre.orghttp://www.securityfocus.com/archive/1/489739/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/28276Patch
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2008-0005.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.vmware.com/support/ace2/doc/releasenotes_ace2.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.vmware.com/support/player/doc/releasenotes_player.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.vmware.com/support/player2/doc/releasenotes_player2.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.vmware.com/support/server/doc/releasenotes_server.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.vmware.com/support/ws55/doc/releasenotes_ws55.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/0905/references
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/41257
af854a3a-2127-422b-91ae-364da2661108http://lists.vmware.com/pipermail/security-announce/2008/000008.html
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201209-25.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3755
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1019621
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/489739/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/28276Patch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0005.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/ace2/doc/releasenotes_ace2.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/player/doc/releasenotes_player.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/player2/doc/releasenotes_player2.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/server/doc/releasenotes_server.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/ws55/doc/releasenotes_ws55.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0905/references
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/41257
Impacted products
Vendor Product Version
vmware ace 1.0
vmware ace 1.0.1
vmware ace 1.0.2
vmware ace 1.0.3
vmware ace 1.0.4
vmware ace 2.0
vmware player 1.0.2
vmware player 1.0.3
vmware player 1.0.4
vmware player 1.0.5
vmware player 2.0
vmware player 2.0.1
vmware player 2.0.2
vmware server 1.0.3
vmware vmware_server 1.0.0
vmware vmware_server 1.0.1
vmware vmware_server 1.0.2
vmware vmware_server 1.0.3
vmware vmware_server 1.0.4
vmware vmware_workstation 5.5.5
vmware vmware_workstation 6.0.1
vmware vmware_workstation 6.0.2
vmware workstation 5.5
vmware workstation 5.5.3_build_34685
vmware workstation 5.5.3_build_42958
vmware workstation 5.5.4
vmware workstation 5.5.4_build_44386
vmware workstation 6.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFC82A8C-E561-4E35-A84D-66A4D6C90264",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D346E48-887C-4D02-BFD3-D323B7F3871C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9C6150A-2DF3-4F7B-B024-0F3DBB686124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40192EE1-A300-42C3-BC98-286C9E5A281E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8230EFE6-8AB6-41DF-9A46-CAE4E5BB7F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B2C792F-48DA-46B5-B42E-9A045B393531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CA04700-CF35-43CA-AD4E-BB93E206FDD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
              "matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362."
    },
    {
      "lang": "es",
      "value": "VMware Workstation versiones 6.0.x anteriores a 6.0.3 y 5.5.x anteriores a 5.5.6, VMware Player versiones 2.0.x anteriores a 2.0.3 y 1.0.x anteriores a 1.0.6, VMware ACE versiones 2.0.x anteriores a 2.0.1 y 1.0.x anteriores a 1.0.5, y VMware Server versiones 1.0.x anteriores a 1.0.5 para Windows permite a usuarios locales conseguir privilegios mediante una manipulaci\u00f3n no espec\u00edfica que causa que el proceso authd conecte con un nombre de tuber\u00eda de su elecci\u00f3n, siendo una vulnerabilidad diferente que CVE-2008-1362."
    }
  ],
  "id": "CVE-2008-1361",
  "lastModified": "2024-11-21T00:44:22.030",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-03-20T00:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3755"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1019621"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28276"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0905/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41257"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28276"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0905/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41257"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-03-20 00:44
Modified
2024-11-21 00:44
Severity ?
Summary
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an "insecurely created named pipe," a different vulnerability than CVE-2008-1361.
References
cve@mitre.orghttp://lists.vmware.com/pipermail/security-announce/2008/000008.htmlPatch
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-201209-25.xml
cve@mitre.orghttp://securityreason.com/securityalert/3755
cve@mitre.orghttp://securitytracker.com/id?1019621
cve@mitre.orghttp://www.securityfocus.com/archive/1/489739/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/28276
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2008-0005.htmlPatch
cve@mitre.orghttp://www.vmware.com/support/ace2/doc/releasenotes_ace2.htmlPatch
cve@mitre.orghttp://www.vmware.com/support/player/doc/releasenotes_player.htmlPatch
cve@mitre.orghttp://www.vmware.com/support/player2/doc/releasenotes_player2.htmlPatch
cve@mitre.orghttp://www.vmware.com/support/server/doc/releasenotes_server.htmlPatch
cve@mitre.orghttp://www.vmware.com/support/ws55/doc/releasenotes_ws55.htmlPatch
cve@mitre.orghttp://www.vmware.com/support/ws6/doc/releasenotes_ws6.htmlPatch
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/0905/references
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/41259
af854a3a-2127-422b-91ae-364da2661108http://lists.vmware.com/pipermail/security-announce/2008/000008.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201209-25.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3755
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1019621
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/489739/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/28276
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0005.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/ace2/doc/releasenotes_ace2.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/player/doc/releasenotes_player.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/player2/doc/releasenotes_player2.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/server/doc/releasenotes_server.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/ws55/doc/releasenotes_ws55.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/ws6/doc/releasenotes_ws6.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0905/references
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/41259
Impacted products
Vendor Product Version
vmware ace 1.0
vmware ace 2.0
vmware player 1.0.2
vmware player 1.0.3
vmware player 1.0.4
vmware player 1.0.5
vmware player 2.0
vmware player 2.0.1
vmware player 2.0.2
vmware server 1.0.3
vmware vmware_server 1.0.2
vmware vmware_server 1.0.4
vmware vmware_workstation 5.5.5
vmware vmware_workstation 6.0.1
vmware vmware_workstation 6.0.2
vmware workstation 5.5
vmware workstation 5.5.3_build_34685
vmware workstation 5.5.3_build_42958
vmware workstation 5.5.4
vmware workstation 5.5.4_build_44386
vmware workstation 6.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
              "matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an \"insecurely created named pipe,\" a different vulnerability than CVE-2008-1361."
    },
    {
      "lang": "es",
      "value": "VMware Workstation versiones 6.0.x anteriores a 6.0.3 y versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 2.0.x anteriores a 2.0.3 y versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 2.0.x anteriores a 2.0.1 y versiones 1.0.x anteriores a 1.0.5, y VMware Server versiones 1.0.x anteriores a 1.0.5 para Windows permite a usuarios locales conseguir privilegios o provocar una denegaci\u00f3n de servicio utilizando la suplantaci\u00f3n del proceso authd a trav\u00e9s de un uso no especificado de una \"tuber\u00eda de nombres creada de forma no segura\", siendo una vulnerabilidad diferente que CVE-2008-1361."
    }
  ],
  "id": "CVE-2008-1362",
  "lastModified": "2024-11-21T00:44:22.187",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-03-20T00:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3755"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1019621"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/28276"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0905/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28276"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0905/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-06 15:30
Modified
2024-11-21 00:52
Severity ?
Summary
Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors.
References
cve@mitre.orghttp://lists.vmware.com/pipermail/security-announce/2009/000054.html
cve@mitre.orghttp://seclists.org/fulldisclosure/2009/Apr/0036.html
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-201209-25.xml
cve@mitre.orghttp://www.securityfocus.com/bid/34373
cve@mitre.orghttp://www.securitytracker.com/id?1021973
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2009-0005.html
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/0944
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439
af854a3a-2127-422b-91ae-364da2661108http://lists.vmware.com/pipermail/security-announce/2009/000054.html
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2009/Apr/0036.html
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201209-25.xml
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34373
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1021973
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2009-0005.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0944
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439
Impacted products
Vendor Product Version
emc vmware_player *
vmware vmware_ace 1.0
vmware vmware_ace 1.0.2
vmware vmware_ace 1.0.3
vmware vmware_ace 1.0.4
vmware vmware_ace 1.0.5
vmware vmware_ace 1.0.7
vmware vmware_ace 1.0.8
vmware vmware_ace 2.0.1
vmware vmware_ace 2.0.2
vmware vmware_ace 2.0.3
vmware vmware_ace 2.0.5
vmware vmware_ace 2.5
vmware vmware_ace 2.5.1
vmware vmware_esx 3.0.2
vmware vmware_esx 3.0.3
vmware vmware_esx 3.5
vmware vmware_esxi 3.5
vmware vmware_player 1.0.0
vmware vmware_player 1.0.1
vmware vmware_player 1.0.2
vmware vmware_player 1.0.3
vmware vmware_player 1.0.4
vmware vmware_player 1.0.5
vmware vmware_player 1.0.6
vmware vmware_player 1.0.7
vmware vmware_player 1.0.8
vmware vmware_player 1.0.9
vmware vmware_player 1.01
vmware vmware_player 1.05
vmware vmware_player 2.0
vmware vmware_player 2.0.1
vmware vmware_player 2.0.2
vmware vmware_player 2.0.3
vmware vmware_player 2.0.4
vmware vmware_player 2.0.5
vmware vmware_player 2.5
vmware vmware_player 2.5.1
vmware vmware_server 1.0
vmware vmware_server 1.0.0
vmware vmware_server 1.0.1
vmware vmware_server 1.0.2
vmware vmware_server 1.0.3
vmware vmware_server 1.0.4
vmware vmware_server 1.0.5
vmware vmware_server 1.0.6
vmware vmware_server 1.0.7
vmware vmware_server 1.05
vmware vmware_server 2.0
vmware vmware_workstation 4.5.3
vmware vmware_workstation 5.0
vmware vmware_workstation 5.5.0
vmware vmware_workstation 5.5.1
vmware vmware_workstation 5.5.2
vmware vmware_workstation 5.5.3
vmware vmware_workstation 5.5.4
vmware vmware_workstation 5.5.5
vmware vmware_workstation 5.5.6
vmware vmware_workstation 5.5.7
vmware vmware_workstation 5.5.8
vmware vmware_workstation 6.0
vmware vmware_workstation 6.0.0.45731
vmware vmware_workstation 6.0.1
vmware vmware_workstation 6.0.2
vmware vmware_workstation 6.0.3
vmware vmware_workstation 6.0.4
vmware vmware_workstation 6.0.4
vmware vmware_workstation 6.0.5
vmware vmware_workstation 6.03
vmware vmware_workstation 6.5
vmware vmware_workstation 6.5.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:emc:vmware_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A58FD7E-C4FB-4326-B402-F997B853ABEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_ace:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65133BF3-A7CC-4D9E-BBB4-F1984386F73E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_ace:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "45CEAD2D-6722-44AF-B92E-3306DF5468A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_ace:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "54494FC2-5513-48FE-AE9C-B08AEB6DDE4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_ace:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB43AB45-95B2-4230-8010-F0F387ACDD9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_ace:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4EA026A-6FD5-48D7-BC2F-B1004B6E0A85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_ace:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8C6CFB-7195-46B9-B4E6-1A0FC2A566E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_ace:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8388715-45C8-442D-96EB-2DB6898E5D56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_ace:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16C7643-5C41-4829-AFB2-32AF62088FE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_ace:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2E626EC-D398-4A76-A8E4-DB456460BA24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_ace:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1954B8A5-48EB-4D0C-A4D7-0F57FA4D7001",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_ace:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B23960F-EDD5-4705-8F1A-CE59DD90631B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_ace:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DDC66A2-8CB9-4C16-978A-B275C037E223",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_ace:2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF2B5092-3047-48FD-90CB-080388B7E659",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_esx:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE233FBC-F389-49CA-99D9-CDE26154BE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_esx:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "564269E8-9536-4E69-9760-C819F04D32AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_esx:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "93F8BE4D-EF33-4CC8-B66B-16ADE1CCBB63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_esxi:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C25C336B-B4BC-4FDF-8FD2-F90783841EB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3771AFCF-E247-427A-8076-9E36EA457658",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C124AC-C421-459E-8251-E7B3BD33874B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "65DD6966-72EA-4C4D-BC90-B0D534834BA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBFC9B7A-8A40-467B-9102-EE5259EC4D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E684965-43F7-4A51-850F-4C88F42940E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB9565E5-042E-4C62-A7C7-54808B15F0BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "357B60EC-C5F1-4FA4-B4AF-F81298479D39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "933562E3-B6D5-4250-A07B-AB8437ED4D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "09F23F68-6853-4862-99CB-4F214816358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAFBF6B0-5E0A-4F62-82C7-D9861D0F5F31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6706C47-91C1-4902-96FC-0431B01D508C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "43282BF6-665C-4F77-8E95-487523863965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4FFF490-8AA9-4296-99F0-DC57E5D4F56C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FC850AB-7728-4EE3-9EB5-E1E4D7338202",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B1CA212-4114-4D45-B746-9C2AAF60CFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5085E31D-7472-408B-A85D-90337407A24F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D57F024-3484-4EEA-8F9E-08A1AE5E3D19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "13D82E91-181E-4E7D-943D-6FC74D40CEB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "21C496BC-404A-4C23-A0CB-DEE8BB8550A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FC8AA52-F2A6-4FB1-85D8-EDD136031DDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "025EC5A6-E4DF-421F-911B-BD15FBF2A3BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8230EFE6-8AB6-41DF-9A46-CAE4E5BB7F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B2C792F-48DA-46B5-B42E-9A045B393531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CA04700-CF35-43CA-AD4E-BB93E206FDD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6F9A4A-41B0-48D9-B60C-EBF4EF899953",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "11AEF399-7640-45CB-9393-11F06D0E13C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "80A84D8B-318B-4FEB-B1BD-A1515CA48506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:1.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "81AC6F29-6B96-4BF5-9E89-6AF58F5A483D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_server:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D562CD32-FECB-431C-AD26-01F2E38F94A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:4.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DFEB-3ADE-4057-BA9D-025BD5F5B477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "433C05BD-1CAC-4F40-9F69-D0333C5F0E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270D5FAD-A226-4F6F-BF0B-2C6D91C525D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6811B662-07E0-4B95-BFC6-C87C02110C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "504CD24F-2EC6-45C0-8E46-69BAE8483521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0EAB3D2-79EE-43A3-8A08-3E8140C1B1A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE15637B-FAE4-4FC7-8F45-B3B1554F8F3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B32C157-020F-400B-970C-B93CF573EB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E1F0A2-8791-4627-8583-55B2A67D2F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3767CDDC-DF72-4AAE-B544-D2DFE02A199D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "640130AA-C905-4DD6-97BD-ABA90705F0B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.0.45731:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F01ABD8-5C77-422E-849C-E7460072DB0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EBBFDD-AC46-481A-8DA7-64619B447637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC0B1FF0-80DC-433B-9298-346225060808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.4:build_93057:*:*:*:*:*:*",
              "matchCriteriaId": "5C2F6830-0BEA-4B83-A90A-65DA9434553A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ECA0396-CBCA-4D21-BD9A-EFCE24D616D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "652DCCCA-2C0F-482F-AD1C-F3913BD3430D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "94533C3D-8767-44DB-ABF7-B991C3E47858",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD775800-CA7B-4433-A921-4F84C57F45EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en un controlado de dispositivo virtual invitado en VMware Workstation versiones anteriores a v5.5.9 build 126128, y v6.5.1 y versiones anteriores 6.x ; VMware Player versiones anteriores a v1.0.9 build 126128, y v2.5.1 y versiones anteriores 2.x; VMware ACE versiones anteriores a v1.0.8 build 125922, y v2.5.1 y versiones anteriores 2.x; VMware Server 1.x versiones anteriores a v1.0.8 build 126538 y 2.0.x versiones anteriores a v2.0.1 build 156745; VMware Fusion versiones anteriore a v2.0.1; VMware ESXi v3.5; y VMware ESX 3.0.2, v3.0.3, y v3.5 permite a usuarios del sistema operativo visitantes provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema operativo host) a trav\u00e9s de vectores desconocidos."
    }
  ],
  "id": "CVE-2008-4916",
  "lastModified": "2024-11-21T00:52:50.127",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-06T15:30:01.530",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/34373"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1021973"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/0944"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021973"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0944"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2008-1340
Vulnerability from cvelistv5
Published
2008-03-20 00:00
Modified
2024-08-07 08:17
Severity ?
Summary
Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption."
References
http://security.gentoo.org/glsa/glsa-201209-25.xmlvendor-advisory, x_refsource_GENTOO
http://securityreason.com/securityalert/3755third-party-advisory, x_refsource_SREASON
https://exchange.xforce.ibmcloud.com/vulnerabilities/41250vdb-entry, x_refsource_XF
http://securitytracker.com/id?1019624vdb-entry, x_refsource_SECTRACK
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.htmlx_refsource_CONFIRM
http://www.vmware.com/support/player2/doc/releasenotes_player2.htmlx_refsource_CONFIRM
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/28289vdb-entry, x_refsource_BID
http://www.securityfocus.com/archive/1/489739/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://lists.vmware.com/pipermail/security-announce/2008/000008.htmlmailing-list, x_refsource_MLIST
http://www.vupen.com/english/advisories/2008/0905/referencesvdb-entry, x_refsource_VUPEN
http://www.vmware.com/security/advisories/VMSA-2008-0005.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/28276vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:17:34.436Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201209-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
          },
          {
            "name": "3755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3755"
          },
          {
            "name": "vmware-vmci-dos(41250)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41250"
          },
          {
            "name": "1019624",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019624"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
          },
          {
            "name": "28289",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28289"
          },
          {
            "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
          },
          {
            "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
          },
          {
            "name": "ADV-2008-0905",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0905/references"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
          },
          {
            "name": "28276",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28276"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-03-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger \"memory exhaustion and memory corruption.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201209-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
        },
        {
          "name": "3755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3755"
        },
        {
          "name": "vmware-vmci-dos(41250)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41250"
        },
        {
          "name": "1019624",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019624"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
        },
        {
          "name": "28289",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28289"
        },
        {
          "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
        },
        {
          "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
        },
        {
          "name": "ADV-2008-0905",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0905/references"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
        },
        {
          "name": "28276",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28276"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1340",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger \"memory exhaustion and memory corruption.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201209-25",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
            },
            {
              "name": "3755",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3755"
            },
            {
              "name": "vmware-vmci-dos(41250)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41250"
            },
            {
              "name": "1019624",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019624"
            },
            {
              "name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
            },
            {
              "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
            },
            {
              "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
            },
            {
              "name": "28289",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28289"
            },
            {
              "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
            },
            {
              "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
              "refsource": "MLIST",
              "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
            },
            {
              "name": "ADV-2008-0905",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0905/references"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
            },
            {
              "name": "28276",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28276"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1340",
    "datePublished": "2008-03-20T00:00:00",
    "dateReserved": "2008-03-14T00:00:00",
    "dateUpdated": "2024-08-07T08:17:34.436Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-1364
Vulnerability from cvelistv5
Published
2008-03-20 00:00
Modified
2024-08-07 08:17
Severity ?
Summary
Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service.
References
http://security.gentoo.org/glsa/glsa-201209-25.xmlvendor-advisory, x_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilities/41254vdb-entry, x_refsource_XF
http://securityreason.com/securityalert/3755third-party-advisory, x_refsource_SREASON
http://securitytracker.com/id?1019623vdb-entry, x_refsource_SECTRACK
http://www.vmware.com/support/server/doc/releasenotes_server.htmlx_refsource_CONFIRM
http://www.vmware.com/support/fusion/doc/releasenotes_fusion.htmlx_refsource_CONFIRM
http://www.vmware.com/support/player/doc/releasenotes_player.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/28289vdb-entry, x_refsource_BID
http://www.securityfocus.com/archive/1/489739/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://lists.vmware.com/pipermail/security-announce/2008/000008.htmlmailing-list, x_refsource_MLIST
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.htmlx_refsource_CONFIRM
http://www.vupen.com/english/advisories/2008/0905/referencesvdb-entry, x_refsource_VUPEN
http://www.vmware.com/security/advisories/VMSA-2008-0005.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/28276vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:17:34.579Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201209-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
          },
          {
            "name": "vmware-dhcp-unspecified-dos(41254)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41254"
          },
          {
            "name": "3755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3755"
          },
          {
            "name": "1019623",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019623"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
          },
          {
            "name": "28289",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28289"
          },
          {
            "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
          },
          {
            "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
          },
          {
            "name": "ADV-2008-0905",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0905/references"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
          },
          {
            "name": "28276",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28276"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-03-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201209-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
        },
        {
          "name": "vmware-dhcp-unspecified-dos(41254)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41254"
        },
        {
          "name": "3755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3755"
        },
        {
          "name": "1019623",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019623"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
        },
        {
          "name": "28289",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28289"
        },
        {
          "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
        },
        {
          "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
        },
        {
          "name": "ADV-2008-0905",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0905/references"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
        },
        {
          "name": "28276",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28276"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1364",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201209-25",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
            },
            {
              "name": "vmware-dhcp-unspecified-dos(41254)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41254"
            },
            {
              "name": "3755",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3755"
            },
            {
              "name": "1019623",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019623"
            },
            {
              "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
            },
            {
              "name": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
            },
            {
              "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
            },
            {
              "name": "28289",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28289"
            },
            {
              "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
            },
            {
              "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
              "refsource": "MLIST",
              "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
            },
            {
              "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
            },
            {
              "name": "ADV-2008-0905",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0905/references"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
            },
            {
              "name": "28276",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28276"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1364",
    "datePublished": "2008-03-20T00:00:00",
    "dateReserved": "2008-03-17T00:00:00",
    "dateUpdated": "2024-08-07T08:17:34.579Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-0967
Vulnerability from cvelistv5
Published
2008-06-05 20:21
Modified
2024-08-07 08:01
Severity ?
Summary
Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file.
References
http://security.gentoo.org/glsa/glsa-201209-25.xmlvendor-advisory, x_refsource_GENTOO
http://www.vupen.com/english/advisories/2008/1744vdb-entry, x_refsource_VUPEN
http://www.vmware.com/security/advisories/VMSA-2008-0009.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/29557vdb-entry, x_refsource_BID
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/30556third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/493080/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://securitytracker.com/id?1020198vdb-entry, x_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/42878vdb-entry, x_refsource_XF
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583vdb-entry, signature, x_refsource_OVAL
http://securityreason.com/securityalert/3922third-party-advisory, x_refsource_SREASON
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713third-party-advisory, x_refsource_IDEFENSE
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:01:40.101Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201209-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
          },
          {
            "name": "ADV-2008-1744",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1744"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
          },
          {
            "name": "29557",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29557"
          },
          {
            "name": "oval:org.mitre.oval:def:4768",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768"
          },
          {
            "name": "30556",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30556"
          },
          {
            "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
          },
          {
            "name": "1020198",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1020198"
          },
          {
            "name": "vmware-vmwareauthd-privilege-escalation(42878)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42878"
          },
          {
            "name": "oval:org.mitre.oval:def:5583",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583"
          },
          {
            "name": "3922",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3922"
          },
          {
            "name": "20080604 VMware Multiple Products vmware-authd Untrusted Library Loading Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201209-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
        },
        {
          "name": "ADV-2008-1744",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1744"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
        },
        {
          "name": "29557",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29557"
        },
        {
          "name": "oval:org.mitre.oval:def:4768",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768"
        },
        {
          "name": "30556",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30556"
        },
        {
          "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
        },
        {
          "name": "1020198",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1020198"
        },
        {
          "name": "vmware-vmwareauthd-privilege-escalation(42878)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42878"
        },
        {
          "name": "oval:org.mitre.oval:def:5583",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583"
        },
        {
          "name": "3922",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3922"
        },
        {
          "name": "20080604 VMware Multiple Products vmware-authd Untrusted Library Loading Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0967",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201209-25",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
            },
            {
              "name": "ADV-2008-1744",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1744"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
            },
            {
              "name": "29557",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29557"
            },
            {
              "name": "oval:org.mitre.oval:def:4768",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768"
            },
            {
              "name": "30556",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30556"
            },
            {
              "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
            },
            {
              "name": "1020198",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1020198"
            },
            {
              "name": "vmware-vmwareauthd-privilege-escalation(42878)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42878"
            },
            {
              "name": "oval:org.mitre.oval:def:5583",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583"
            },
            {
              "name": "3922",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3922"
            },
            {
              "name": "20080604 VMware Multiple Products vmware-authd Untrusted Library Loading Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-0967",
    "datePublished": "2008-06-05T20:21:00",
    "dateReserved": "2008-02-25T00:00:00",
    "dateUpdated": "2024-08-07T08:01:40.101Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-3697
Vulnerability from cvelistv5
Published
2008-09-03 14:00
Modified
2024-08-07 09:45
Severity ?
Summary
An unspecified ISAPI extension in VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (IIS crash) via a malformed request.
References
http://www.vmware.com/security/advisories/VMSA-2008-0014.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id?1020789vdb-entry, x_refsource_SECTRACK
http://www.vmware.com/support/server/doc/releasenotes_server.htmlx_refsource_CONFIRM
http://www.securityfocus.com/archive/1/495869/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.htmlmailing-list, x_refsource_FULLDISC
http://secunia.com/advisories/31708third-party-advisory, x_refsource_SECUNIA
http://securityreason.com/securityalert/4202third-party-advisory, x_refsource_SREASON
http://www.securityfocus.com/bid/30935vdb-entry, x_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/44796vdb-entry, x_refsource_XF
http://www.vupen.com/english/advisories/2008/2466vdb-entry, x_refsource_VUPEN
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:45:19.179Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
          },
          {
            "name": "1020789",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020789"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
          },
          {
            "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
          },
          {
            "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
          },
          {
            "name": "31708",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31708"
          },
          {
            "name": "4202",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/4202"
          },
          {
            "name": "30935",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/30935"
          },
          {
            "name": "vmware-isapi-extension-dos(44796)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44796"
          },
          {
            "name": "ADV-2008-2466",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2466"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-08-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An unspecified ISAPI extension in VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (IIS crash) via a malformed request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
        },
        {
          "name": "1020789",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020789"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
        },
        {
          "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
        },
        {
          "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
        },
        {
          "name": "31708",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31708"
        },
        {
          "name": "4202",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/4202"
        },
        {
          "name": "30935",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/30935"
        },
        {
          "name": "vmware-isapi-extension-dos(44796)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44796"
        },
        {
          "name": "ADV-2008-2466",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2466"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3697",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An unspecified ISAPI extension in VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (IIS crash) via a malformed request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
            },
            {
              "name": "1020789",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020789"
            },
            {
              "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
            },
            {
              "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
            },
            {
              "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
            },
            {
              "name": "31708",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31708"
            },
            {
              "name": "4202",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/4202"
            },
            {
              "name": "30935",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/30935"
            },
            {
              "name": "vmware-isapi-extension-dos(44796)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44796"
            },
            {
              "name": "ADV-2008-2466",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2466"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3697",
    "datePublished": "2008-09-03T14:00:00",
    "dateReserved": "2008-08-14T00:00:00",
    "dateUpdated": "2024-08-07T09:45:19.179Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-1362
Vulnerability from cvelistv5
Published
2008-03-20 00:00
Modified
2024-08-07 08:17
Severity ?
Summary
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an "insecurely created named pipe," a different vulnerability than CVE-2008-1361.
References
http://security.gentoo.org/glsa/glsa-201209-25.xmlvendor-advisory, x_refsource_GENTOO
http://securityreason.com/securityalert/3755third-party-advisory, x_refsource_SREASON
http://www.vmware.com/support/server/doc/releasenotes_server.htmlx_refsource_CONFIRM
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.htmlx_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/41259vdb-entry, x_refsource_XF
http://www.vmware.com/support/player2/doc/releasenotes_player2.htmlx_refsource_CONFIRM
http://www.vmware.com/support/player/doc/releasenotes_player.htmlx_refsource_CONFIRM
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.htmlx_refsource_CONFIRM
http://securitytracker.com/id?1019621vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/archive/1/489739/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://lists.vmware.com/pipermail/security-announce/2008/000008.htmlmailing-list, x_refsource_MLIST
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.htmlx_refsource_CONFIRM
http://www.vupen.com/english/advisories/2008/0905/referencesvdb-entry, x_refsource_VUPEN
http://www.vmware.com/security/advisories/VMSA-2008-0005.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/28276vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:17:34.550Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201209-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
          },
          {
            "name": "3755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3755"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
          },
          {
            "name": "vmware-namedpipes-privilege-escalation(41259)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
          },
          {
            "name": "1019621",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019621"
          },
          {
            "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
          },
          {
            "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
          },
          {
            "name": "ADV-2008-0905",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0905/references"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
          },
          {
            "name": "28276",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28276"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-03-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an \"insecurely created named pipe,\" a different vulnerability than CVE-2008-1361."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201209-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
        },
        {
          "name": "3755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3755"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
        },
        {
          "name": "vmware-namedpipes-privilege-escalation(41259)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
        },
        {
          "name": "1019621",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019621"
        },
        {
          "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
        },
        {
          "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
        },
        {
          "name": "ADV-2008-0905",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0905/references"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
        },
        {
          "name": "28276",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28276"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1362",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an \"insecurely created named pipe,\" a different vulnerability than CVE-2008-1361."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201209-25",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
            },
            {
              "name": "3755",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3755"
            },
            {
              "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
            },
            {
              "name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
            },
            {
              "name": "vmware-namedpipes-privilege-escalation(41259)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"
            },
            {
              "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
            },
            {
              "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
            },
            {
              "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
            },
            {
              "name": "1019621",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019621"
            },
            {
              "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
            },
            {
              "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
              "refsource": "MLIST",
              "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
            },
            {
              "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
            },
            {
              "name": "ADV-2008-0905",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0905/references"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
            },
            {
              "name": "28276",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28276"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1362",
    "datePublished": "2008-03-20T00:00:00",
    "dateReserved": "2008-03-17T00:00:00",
    "dateUpdated": "2024-08-07T08:17:34.550Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-4916
Vulnerability from cvelistv5
Published
2009-04-06 15:00
Modified
2024-08-07 10:31
Severity ?
Summary
Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors.
References
http://security.gentoo.org/glsa/glsa-201209-25.xmlvendor-advisory, x_refsource_GENTOO
http://seclists.org/fulldisclosure/2009/Apr/0036.htmlmailing-list, x_refsource_FULLDISC
http://www.securityfocus.com/bid/34373vdb-entry, x_refsource_BID
http://www.vupen.com/english/advisories/2009/0944vdb-entry, x_refsource_VUPEN
http://lists.vmware.com/pipermail/security-announce/2009/000054.htmlmailing-list, x_refsource_MLIST
http://www.securitytracker.com/id?1021973vdb-entry, x_refsource_SECTRACK
http://www.vmware.com/security/advisories/VMSA-2009-0005.htmlx_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439vdb-entry, signature, x_refsource_OVAL
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:31:28.254Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201209-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
          },
          {
            "name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
          },
          {
            "name": "34373",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34373"
          },
          {
            "name": "ADV-2009-0944",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0944"
          },
          {
            "name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
          },
          {
            "name": "1021973",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1021973"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
          },
          {
            "name": "oval:org.mitre.oval:def:6439",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201209-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
        },
        {
          "name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
        },
        {
          "name": "34373",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34373"
        },
        {
          "name": "ADV-2009-0944",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0944"
        },
        {
          "name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
        },
        {
          "name": "1021973",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1021973"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
        },
        {
          "name": "oval:org.mitre.oval:def:6439",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-4916",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201209-25",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
            },
            {
              "name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
            },
            {
              "name": "34373",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34373"
            },
            {
              "name": "ADV-2009-0944",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0944"
            },
            {
              "name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
              "refsource": "MLIST",
              "url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
            },
            {
              "name": "1021973",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1021973"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
            },
            {
              "name": "oval:org.mitre.oval:def:6439",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-4916",
    "datePublished": "2009-04-06T15:00:00",
    "dateReserved": "2008-11-03T00:00:00",
    "dateUpdated": "2024-08-07T10:31:28.254Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-1361
Vulnerability from cvelistv5
Published
2008-03-20 00:00
Modified
2024-08-07 08:17
Severity ?
Summary
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362.
References
http://security.gentoo.org/glsa/glsa-201209-25.xmlvendor-advisory, x_refsource_GENTOO
http://securityreason.com/securityalert/3755third-party-advisory, x_refsource_SREASON
http://www.vmware.com/support/server/doc/releasenotes_server.htmlx_refsource_CONFIRM
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.htmlx_refsource_CONFIRM
http://www.vmware.com/support/player2/doc/releasenotes_player2.htmlx_refsource_CONFIRM
http://www.vmware.com/support/player/doc/releasenotes_player.htmlx_refsource_CONFIRM
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.htmlx_refsource_CONFIRM
http://securitytracker.com/id?1019621vdb-entry, x_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/41257vdb-entry, x_refsource_XF
http://www.securityfocus.com/archive/1/489739/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://lists.vmware.com/pipermail/security-announce/2008/000008.htmlmailing-list, x_refsource_MLIST
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.htmlx_refsource_CONFIRM
http://www.vupen.com/english/advisories/2008/0905/referencesvdb-entry, x_refsource_VUPEN
http://www.vmware.com/security/advisories/VMSA-2008-0005.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/28276vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:17:34.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201209-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
          },
          {
            "name": "3755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3755"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
          },
          {
            "name": "1019621",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019621"
          },
          {
            "name": "vmware-authd-privilege-escalation(41257)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41257"
          },
          {
            "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
          },
          {
            "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
          },
          {
            "name": "ADV-2008-0905",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0905/references"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
          },
          {
            "name": "28276",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28276"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-03-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201209-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
        },
        {
          "name": "3755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3755"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
        },
        {
          "name": "1019621",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019621"
        },
        {
          "name": "vmware-authd-privilege-escalation(41257)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41257"
        },
        {
          "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
        },
        {
          "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
        },
        {
          "name": "ADV-2008-0905",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0905/references"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
        },
        {
          "name": "28276",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28276"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1361",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201209-25",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
            },
            {
              "name": "3755",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3755"
            },
            {
              "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
            },
            {
              "name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
            },
            {
              "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
            },
            {
              "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
            },
            {
              "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
            },
            {
              "name": "1019621",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019621"
            },
            {
              "name": "vmware-authd-privilege-escalation(41257)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41257"
            },
            {
              "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
            },
            {
              "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
              "refsource": "MLIST",
              "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
            },
            {
              "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
            },
            {
              "name": "ADV-2008-0905",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0905/references"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
            },
            {
              "name": "28276",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28276"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1361",
    "datePublished": "2008-03-20T00:00:00",
    "dateReserved": "2008-03-17T00:00:00",
    "dateUpdated": "2024-08-07T08:17:34.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-5671
Vulnerability from cvelistv5
Published
2008-06-05 20:21
Modified
2024-08-07 15:39
Severity ?
Summary
HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\.\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges.
References
http://security.gentoo.org/glsa/glsa-201209-25.xmlvendor-advisory, x_refsource_GENTOO
http://www.vupen.com/english/advisories/2008/1744vdb-entry, x_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688vdb-entry, signature, x_refsource_OVAL
http://www.vmware.com/security/advisories/VMSA-2008-0009.htmlx_refsource_CONFIRM
http://secunia.com/advisories/30556third-party-advisory, x_refsource_SECUNIA
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712third-party-advisory, x_refsource_IDEFENSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358vdb-entry, signature, x_refsource_OVAL
http://www.securityfocus.com/archive/1/493172/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/493080/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://securitytracker.com/id?1020197vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/archive/1/493148/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://securityreason.com/securityalert/3922third-party-advisory, x_refsource_SREASON
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:39:13.584Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201209-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
          },
          {
            "name": "ADV-2008-1744",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1744"
          },
          {
            "name": "oval:org.mitre.oval:def:5688",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
          },
          {
            "name": "30556",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30556"
          },
          {
            "name": "20080604 VMware Tools HGFS Local Privilege Escalation Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712"
          },
          {
            "name": "oval:org.mitre.oval:def:5358",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358"
          },
          {
            "name": "20080606 Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/493172/100/0/threaded"
          },
          {
            "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
          },
          {
            "name": "1020197",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1020197"
          },
          {
            "name": "20080605 Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/493148/100/0/threaded"
          },
          {
            "name": "3922",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3922"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\\\.\\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201209-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
        },
        {
          "name": "ADV-2008-1744",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1744"
        },
        {
          "name": "oval:org.mitre.oval:def:5688",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
        },
        {
          "name": "30556",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30556"
        },
        {
          "name": "20080604 VMware Tools HGFS Local Privilege Escalation Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712"
        },
        {
          "name": "oval:org.mitre.oval:def:5358",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358"
        },
        {
          "name": "20080606 Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/493172/100/0/threaded"
        },
        {
          "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
        },
        {
          "name": "1020197",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1020197"
        },
        {
          "name": "20080605 Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/493148/100/0/threaded"
        },
        {
          "name": "3922",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3922"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5671",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\\\.\\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201209-25",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
            },
            {
              "name": "ADV-2008-1744",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1744"
            },
            {
              "name": "oval:org.mitre.oval:def:5688",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
            },
            {
              "name": "30556",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30556"
            },
            {
              "name": "20080604 VMware Tools HGFS Local Privilege Escalation Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712"
            },
            {
              "name": "oval:org.mitre.oval:def:5358",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358"
            },
            {
              "name": "20080606 Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/493172/100/0/threaded"
            },
            {
              "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
            },
            {
              "name": "1020197",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1020197"
            },
            {
              "name": "20080605 Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/493148/100/0/threaded"
            },
            {
              "name": "3922",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3922"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5671",
    "datePublished": "2008-06-05T20:21:00",
    "dateReserved": "2007-10-23T00:00:00",
    "dateUpdated": "2024-08-07T15:39:13.584Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-5438
Vulnerability from cvelistv5
Published
2007-10-13 01:00
Modified
2024-08-07 15:31
Severity ?
Summary
Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the ConnectPopulatedDiskEx function.
References
http://osvdb.org/43488vdb-entry, x_refsource_OSVDB
http://securityreason.com/securityalert/3219third-party-advisory, x_refsource_SREASON
http://www.vmware.com/security/advisories/VMSA-2008-0014.htmlx_refsource_CONFIRM
http://secunia.com/advisories/31709third-party-advisory, x_refsource_SECUNIA
http://www.eleytt.com/advisories/eleytt_VMWARE1.pdfx_refsource_MISC
http://www.vmware.com/support/server/doc/releasenotes_server.htmlx_refsource_CONFIRM
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id?1020791vdb-entry, x_refsource_SECTRACK
http://www.vmware.com/support/player2/doc/releasenotes_player2.htmlx_refsource_CONFIRM
http://secunia.com/advisories/31710third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/482021/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.vmware.com/support/ace/doc/releasenotes_ace.htmlx_refsource_CONFIRM
http://www.vmware.com/support/player/doc/releasenotes_player.htmlx_refsource_CONFIRM
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/26025vdb-entry, x_refsource_BID
http://www.securityfocus.com/archive/1/495869/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.htmlmailing-list, x_refsource_FULLDISC
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.htmlx_refsource_CONFIRM
http://secunia.com/advisories/31707third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31708third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2466vdb-entry, x_refsource_VUPEN
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:31:58.861Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "43488",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/43488"
          },
          {
            "name": "3219",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3219"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
          },
          {
            "name": "31709",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31709"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.eleytt.com/advisories/eleytt_VMWARE1.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
          },
          {
            "name": "1020791",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020791"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
          },
          {
            "name": "31710",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31710"
          },
          {
            "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
          },
          {
            "name": "26025",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26025"
          },
          {
            "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
          },
          {
            "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
          },
          {
            "name": "31707",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31707"
          },
          {
            "name": "31708",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31708"
          },
          {
            "name": "ADV-2008-2466",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2466"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-10-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the ConnectPopulatedDiskEx function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "43488",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/43488"
        },
        {
          "name": "3219",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3219"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
        },
        {
          "name": "31709",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31709"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.eleytt.com/advisories/eleytt_VMWARE1.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
        },
        {
          "name": "1020791",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020791"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
        },
        {
          "name": "31710",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31710"
        },
        {
          "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
        },
        {
          "name": "26025",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26025"
        },
        {
          "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
        },
        {
          "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
        },
        {
          "name": "31707",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31707"
        },
        {
          "name": "31708",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31708"
        },
        {
          "name": "ADV-2008-2466",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2466"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5438",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the ConnectPopulatedDiskEx function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43488",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/43488"
            },
            {
              "name": "3219",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3219"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
            },
            {
              "name": "31709",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31709"
            },
            {
              "name": "http://www.eleytt.com/advisories/eleytt_VMWARE1.pdf",
              "refsource": "MISC",
              "url": "http://www.eleytt.com/advisories/eleytt_VMWARE1.pdf"
            },
            {
              "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
            },
            {
              "name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
            },
            {
              "name": "1020791",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020791"
            },
            {
              "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
            },
            {
              "name": "31710",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31710"
            },
            {
              "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
            },
            {
              "name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
            },
            {
              "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
            },
            {
              "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
            },
            {
              "name": "26025",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26025"
            },
            {
              "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
            },
            {
              "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
            },
            {
              "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
            },
            {
              "name": "31707",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31707"
            },
            {
              "name": "31708",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31708"
            },
            {
              "name": "ADV-2008-2466",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2466"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5438",
    "datePublished": "2007-10-13T01:00:00",
    "dateReserved": "2007-10-12T00:00:00",
    "dateUpdated": "2024-08-07T15:31:58.861Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}