var-201405-0538
Vulnerability from variot
VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. Multiple VMware products are prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges on the guest operating system. The following products are affected: VMware Workstation 10.x prior to version 10.0.2 VMware Player 6.x prior to version 6.0.2 VMware Fusion 6.x prior to version 6.0.3 ESXi 5.5 without patch ESXi550-201403102-SG ESXi 5.1 without patch ESXi510-201404102-SG ESXi 5.0 without patch ESXi500-201405102-SG. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2014-0005 Synopsis: VMware Workstation, Player, Fusion, and ESXi patches address a guest privilege escalation Issue date: 2014-05-29 Updated on: 2014-05-29 (initial advisory) CVE numbers: CVE-2014-3793
-
Problem Description
a.
VMware would like to thank Tavis Ormandy from the Google Security
Team for reporting this issue to us. This means that host
memory can not be manipulated from the Guest Operating System.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2014-3793 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
** Workstation 9.x, Player 5.x and Fusion 5.x do not support
Windows 8.1 Guest Operating Systems
- Solution
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3793
- Change Log
2014-05-29 VMSA-2014-0005 Initial security advisory in conjunction with the release of ESXi 5.0 patches on 2014-05-29
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.2 (Build 15337) Charset: utf-8
wj8DBQFTiAIMDEcm8Vbi9kMRAgJiAKCI3namsqifeWwPKML6Gk2u+206PgCg2BFN Ik+PbexzXJiOjs0MAzONaw4= =nKGT -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0538",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "esxi",
"scope": "eq",
"trust": 2.7,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "esxi",
"scope": "eq",
"trust": 2.7,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "esxi",
"scope": "eq",
"trust": 2.1,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "player",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "10.0.1"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "10.0"
},
{
"model": "workstation",
"scope": "lt",
"trust": 0.8,
"vendor": "vmware",
"version": "10.x"
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "fusion",
"scope": "lt",
"trust": 0.8,
"vendor": "vmware",
"version": "6.x"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "10.0.2"
},
{
"model": "player",
"scope": "lt",
"trust": 0.8,
"vendor": "vmware",
"version": "6.x"
},
{
"model": "esxi esxi500-20131010",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.01"
},
{
"model": "workstation mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "10.0"
},
{
"model": "workstation build-1379776",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "10.0.1"
},
{
"model": "esxi update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.01"
},
{
"model": "esxi esxi510-20131010",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "player",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "esxi esxi550-20140310",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "esxi esxi500-2014051",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.02"
},
{
"model": "esxi esxi510-20140410",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "10.0.2"
},
{
"model": "fusion",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "esxi esxi510-20140110",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.11"
},
{
"model": "esxi esxi550-20131210",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
}
],
"sources": [
{
"db": "BID",
"id": "67737"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:vmware:esxi:5.0:1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:vmware:esxi:5.0:2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:vmware:esxi:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:vmware:esxi:5.1:1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:vmware:esxi:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy from the Google Security Team",
"sources": [
{
"db": "BID",
"id": "67737"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3793",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-3793",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 1.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-3793",
"trust": 1.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-590",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. Multiple VMware products are prone to a local privilege-escalation vulnerability. \nLocal attackers can exploit this issue to gain elevated privileges on the guest operating system. \nThe following products are affected:\nVMware Workstation 10.x prior to version 10.0.2\nVMware Player 6.x prior to version 6.0.2\nVMware Fusion 6.x prior to version 6.0.3\nESXi 5.5 without patch ESXi550-201403102-SG\nESXi 5.1 without patch ESXi510-201404102-SG\nESXi 5.0 without patch ESXi500-201405102-SG. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\nVMware Security Advisory\n\nAdvisory ID: VMSA-2014-0005\nSynopsis: VMware Workstation, Player, Fusion, and ESXi patches address\na guest privilege escalation\nIssue date: 2014-05-29\nUpdated on: 2014-05-29 (initial advisory)\nCVE numbers: CVE-2014-3793\n- -------------------------------------------------------------------------\n\n1. \n\n2. Problem Description\n\n a. \n\n VMware would like to thank Tavis Ormandy from the Google Security\n Team for reporting this issue to us. This means that host\n memory can not be manipulated from the Guest Operating System. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2014-3793 to this issue. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n ** Workstation 9.x, Player 5.x and Fusion 5.x do not support\n Windows 8.1 Guest Operating Systems\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the checksum of your downloaded file. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3793\n\n- -------------------------------------------------------------------------\n\n6. Change Log\n\n 2014-05-29 VMSA-2014-0005\n Initial security advisory in conjunction with the release of\n ESXi 5.0 patches on 2014-05-29\n\n- -------------------------------------------------------------------------\n \n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: Encryption Desktop 10.3.2 (Build 15337)\nCharset: utf-8\n\nwj8DBQFTiAIMDEcm8Vbi9kMRAgJiAKCI3namsqifeWwPKML6Gk2u+206PgCg2BFN\nIk+PbexzXJiOjs0MAzONaw4=\n=nKGT\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3793"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "BID",
"id": "67737"
},
{
"db": "PACKETSTORM",
"id": "126869"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3793",
"trust": 2.8
},
{
"db": "PACKETSTORM",
"id": "126869",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58894",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1030311",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1030310",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002691",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201405-590",
"trust": 0.6
},
{
"db": "BID",
"id": "67737",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "67737"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "PACKETSTORM",
"id": "126869"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"id": "VAR-201405-0538",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.5
},
"last_update_date": "2022-05-04T09:12:23.053000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "VMSA-2014-0005",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0005.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0005.html"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1030310"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58894"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1030311"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/126869/vmware-security-advisory-2014-0005.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/532236/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3793"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3793"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/go/downloadfusion"
},
{
"trust": 0.1,
"url": "https://twitter.com/vmwaresrc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3793"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2075521"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2065832"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/lifecycle.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/go/downloadworkstation"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2070666"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/go/downloadplayer"
}
],
"sources": [
{
"db": "BID",
"id": "67737"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "PACKETSTORM",
"id": "126869"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "67737"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "PACKETSTORM",
"id": "126869"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-29T00:00:00",
"db": "BID",
"id": "67737"
},
{
"date": "2014-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"date": "2014-05-31T00:00:43",
"db": "PACKETSTORM",
"id": "126869"
},
{
"date": "2014-05-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"date": "2014-05-31T11:17:00",
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-29T00:00:00",
"db": "BID",
"id": "67737"
},
{
"date": "2014-06-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"date": "2014-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"date": "2018-10-09T19:47:00",
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural VMware Product VMware Tools Guest in OS Vulnerabilities that have been granted permission",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.