Summary
Detail | |||
---|---|---|---|
Vendor | Vmware | First view | 2005-12-21 |
Product | Player | Last view | 2016-05-18 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
9.8 | 2016-05-18 | CVE-2016-2077 | VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly access an executable file, which allows host OS users to gain host OS privileges via unspecified vectors. |
6.3 | 2016-01-08 | CVE-2015-6933 | The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors. |
7.2 | 2015-07-10 | CVE-2015-3650 | vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 and 11.x before 11.1.1, VMware Player 5.x and 6.x before 6.0.7 and 7.x before 7.1.1, and VMware Horizon Client 5.x local-mode before 5.4.2 on Windows does not provide a valid DACL pointer during the setup of the vprintproxy.exe process, which allows host OS users to gain host OS privileges by injecting a thread. |
7.8 | 2015-06-13 | CVE-2015-2341 | VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, and VMware Fusion 6.x before 6.0.6 and 7.x before 7.0.1 allow attackers to cause a denial of service against a 32-bit guest OS or 64-bit host OS via a crafted RPC command. |
5.8 | 2015-06-13 | CVE-2015-2337 | TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors. |
5.8 | 2015-06-13 | CVE-2015-2336 | TPView.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors, a different vulnerability than CVE-2012-0897. |
3.3 | 2015-01-29 | CVE-2015-1044 | vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors. |
3.3 | 2015-01-29 | CVE-2015-1043 | The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware Fusion 6.x before 6.0.5 and 7.x before 7.0.1 allows guest OS users to cause a guest OS denial of service via unspecified vectors. |
6.4 | 2015-01-29 | CVE-2014-8370 | VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file. |
5.8 | 2014-05-31 | CVE-2014-3793 | VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors. |
4.9 | 2014-04-15 | CVE-2014-2384 | vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports "Vendor rated issue as non-exploitable." |
3.3 | 2014-01-17 | CVE-2014-1208 | VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port. |
7.9 | 2013-12-04 | CVE-2013-3519 | lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs a crafted memory allocation. |
7.2 | 2013-11-18 | CVE-2013-5972 | VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 on Linux do not properly handle shared libraries, which allows host OS users to gain host OS privileges via unspecified vectors. |
6.9 | 2013-08-23 | CVE-2013-1662 | vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsb_release binary in a directory in the PATH, related to use of the popen library function. |
7.9 | 2012-11-14 | CVE-2012-5459 | Untrusted search path vulnerability in VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows allows host OS users to gain host OS privileges via a Trojan horse DLL in a "system folder." |
8.3 | 2012-11-14 | CVE-2012-5458 | VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application. |
6.9 | 2012-09-08 | CVE-2012-1666 | Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory. |
7.8 | 2012-06-14 | CVE-2012-3289 | VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) via crafted traffic from a remote virtual device. |
9.3 | 2012-06-14 | CVE-2012-3288 | VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file. |
9 | 2012-05-04 | CVE-2012-2450 | VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS. |
9 | 2012-05-04 | CVE-2012-2449 | VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS. |
8.3 | 2012-04-17 | CVE-2012-1518 | VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors. |
9.3 | 2011-10-07 | CVE-2011-3868 | Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image. |
2.1 | 2011-06-06 | CVE-2011-2146 | mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
33% (20) | CWE-264 | Permissions, Privileges, and Access Controls |
16% (10) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
11% (7) | CWE-399 | Resource Management Errors |
8% (5) | CWE-20 | Improper Input Validation |
5% (3) | CWE-134 | Uncontrolled Format String |
5% (3) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
3% (2) | CWE-362 | Race Condition |
3% (2) | CWE-284 | Access Control (Authorization) Issues |
3% (2) | CWE-200 | Information Exposure |
1% (1) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
1% (1) | CWE-191 | Integer Underflow (Wrap or Wraparound) |
1% (1) | CWE-189 | Numeric Errors |
1% (1) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
1% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
1% (1) | CWE-16 | Configuration |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-234 | Hijacking a privileged process |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:16767 | USN-543-1 -- linux-restricted-modules-2.6.17/20, vmware-player-kernel-2.6.15 ... |
oval:org.mitre.oval:def:5688 | VMware Tools Input Validation Flaw in Windows Guest OS Lets Local Users Gain ... |
oval:org.mitre.oval:def:5358 | VMware Tools Input Validation Flaw in Windows Guest OS Lets Local Users Gain ... |
oval:org.mitre.oval:def:5583 | VMware Unsafe Library Path in vmware-authd Lets Local Users Gain Elevated Pri... |
oval:org.mitre.oval:def:4768 | VMware Unsafe Library Path in vmware-authd Lets Local Users Gain Elevated Pri... |
oval:org.mitre.oval:def:5647 | VMware Buffer Overflows in VIX API Let Local Users Execute Arbitrary Code |
oval:org.mitre.oval:def:5081 | VMware Buffer Overflows in VIX API Let Local Users Execute Arbitrary Code |
oval:org.mitre.oval:def:5929 | ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional ... |
oval:org.mitre.oval:def:6309 | VMware CPU Hardware Emulation Bug Lets Local Users Gain Elevated Privileges |
oval:org.mitre.oval:def:6246 | VMware ESX Virtual Hardware Memory Access Bug Lets Local Users Gain Elevated ... |
oval:org.mitre.oval:def:6251 | VMware Heap Overflows in VNnc Codec Lets Remote Users Execute Arbitrary Code |
oval:org.mitre.oval:def:5786 | VMWare Guest Virtual Device Driver Vulnerability |
oval:org.mitre.oval:def:6310 | VMware Bug in 'hcmon.sys' Lets Local Privileged Users Deny Service |
oval:org.mitre.oval:def:5471 | VMware Windows 'vmci.sys' Driver Lets Local Users Gain Elevated Privileges |
oval:org.mitre.oval:def:6065 | VMware Multiple Hosted Products Display Function Code Execution Vulnerability |
oval:org.mitre.oval:def:6130 | VMware Descheduled Time Accounting Driver Bug Lets Local Users on the Guest O... |
oval:org.mitre.oval:def:8473 | VMware improper setting of the exception code on page faults vulnerability |
oval:org.mitre.oval:def:7020 | Windows-based VMware Tools Unsafe Library Loading vulnerability |
oval:org.mitre.oval:def:11851 | Mozilla Firefox/Thunderbird/SeaMonkey 'libpng' Buffer Overflow Vulnerability |
oval:org.mitre.oval:def:22383 | RHSA-2010:0534: libpng security update (Important) |
oval:org.mitre.oval:def:13405 | USN-960-1 -- libpng vulnerabilities |
oval:org.mitre.oval:def:13338 | DSA-2072-1 libpng -- several |
oval:org.mitre.oval:def:11512 | DSA-2072 libpng -- several vulnerabilities |
oval:org.mitre.oval:def:23184 | ELSA-2010:0534: libpng security update (Important) |
oval:org.mitre.oval:def:20345 | VMware hosted product updates, ESX patches and VI Client update resolve multi... |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
76060 | VMware Multiple Product UDF Filesystem ISO Image Handling Overflow |
73242 | VMware Multiple Products mount.vmhgfs Host File Existence Disclosure |
73241 | VMware Multiple Products mount.vmhgfs Symlink Arbitrary Guest OS File Manipul... |
73240 | VMware Multiple Products mount.vmhgfs Race Condition Filesystem Mounting Loca... |
69596 | VMware Multiple Products VMnc Decoder Frame Decompression Memory Corruption |
69590 | VMware Tools Update Guest System Unspecified Arbitrary Command Injection |
69585 | VMware Multiple Products vmware-mount Mounting Process Race Condition Privile... |
69584 | VMware Multiple Products vmware-mount Library Loading Arbitrary Code Execution |
68273 | VMware Multiple Products Installer index.htm File Rendering Local Script Mani... |
66600 | Mozilla Multiple Products PNG File Handling Overflow |
65853 | libpng pngrutil.c sCAL Chunk Memory Corruption DoS |
65852 | libpng pngpread.c PNG Image Data Height Overflow |
64127 | VMware Multiple Products vmware-authd.exe Multiple Command \x25\x90 Sequence ... |
63860 | VMWare Multiple Products USB Service Host Privilege Escalation |
63859 | VMWare Tools Unsafe Library Loading Arbitrary Code Execution |
63858 | VMware Tools Malformed Executable Guest Arbitrary Code Execution |
63607 | VMware Fusion vmware-vmx Process Virtual Networking Stack Memory Disclosure |
63605 | VMware Remote Console (VMrc) Plugin Unspecified Format String |
59441 | VMware Multiple Products Guest OS Page Fault Local Privilege Escalation |
58728 | VMware Multiple Products Authorization Service vmware-authd.exe Login Request... |
57836 | VMware Workstation Movie Decoder VMnc Codec (vmnc.dll) Crafted AVI File Handl... |
57835 | VMware Workstation Movie Decoder VMnc Codec (vmnc.dll) Crafted Video File Han... |
55943 | VMWare Multiple Products VMnc Codec (vmnc.dll) Invalid RFB Message Type Handl... |
55942 | VMWare Multiple Products VMnc Codec (vmnc.dll) Open-DML Standard Index dwSize... |
54922 | VMware Multiple Products on Windows Descheduled Time Accounting Driver Unspec... |
ExploitDB Exploits
id | Description |
---|---|
15717 | VMware Tools update OS Command Injection |
14422 | libpng <= 1.4.2 Denial of Service Vulnerability |
12188 | VMware Remote Console e.x.p build-158248 - format string vulnerability |
OpenVAS Exploits
id | Description |
---|---|
2012-10-03 | Name : Gentoo Security Advisory GLSA 201209-25 (vmware-server vmware-player vmware-w... File : nvt/glsa_201209_25.nasl |
2012-06-15 | Name : VMSA-2012-0011 VMware Workstation, Player, Fusion, ESXi and ESX patches addre... File : nvt/gb_VMSA-2012-0011.nasl |
2012-05-03 | Name : VMSA-2012-0009 VMware Workstation, Player, ESXi and ESX patches address criti... File : nvt/gb_VMSA-2012-0009.nasl |
2012-04-16 | Name : VMSA-2010-0007: VMware hosted products, vCenter Server and ESX patches resolv... File : nvt/gb_VMSA-2010-0007.nasl |
2012-04-13 | Name : VMSA-2012-0007 VMware hosted products and ESX patches address privilege escal... File : nvt/gb_VMSA-2012-0007.nasl |
2012-03-16 | Name : VMSA-2011-0009.3 VMware hosted product updates, ESX patches and VI Client upd... File : nvt/gb_VMSA-2011-0009.nasl |
2012-03-16 | Name : VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple securi... File : nvt/gb_VMSA-2010-0018.nasl |
2011-11-17 | Name : VMware Products UDF File Systems Buffer Overflow Vulnerability (Win) File : nvt/secpod_vmware_prdts_udf_filesys_bof_vuln_win.nasl |
2011-11-17 | Name : VMware Products UDF File Systems Buffer Overflow Vulnerability (Linux) File : nvt/secpod_vmware_prdts_udf_filesys_bof_vuln_lin.nasl |
2011-11-17 | Name : VMware Fusion UDF File Systems Buffer Overflow Vulnerability (Mac OS X) File : nvt/secpod_vmware_fusion_udf_filesys_bof_vuln_macosx.nasl |
2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
2011-08-26 | Name : Apple iTunes Multiple Vulnerabilities (Mac OS X) File : nvt/secpod_itunes_mult_vuln_macosx.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2010:0547 centos5 i386 File : nvt/gb_CESA-2010_0547_firefox_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for thunderbird CESA-2010:0545 centos5 i386 File : nvt/gb_CESA-2010_0545_thunderbird_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for libpng CESA-2010:0534 centos5 i386 File : nvt/gb_CESA-2010_0534_libpng_centos5_i386.nasl |
2011-06-13 | Name : VMware Products Multiple Vulnerabilities (Win) - jun 11 File : nvt/gb_vmware_prdts_mult_vuln_win_jun11.nasl |
2011-06-13 | Name : VMware Products Multiple Vulnerabilities (Linux) -june11 File : nvt/gb_vmware_prdts_mult_vuln_lin_jun11.nasl |
2011-03-09 | Name : Gentoo Security Advisory GLSA 201010-01 (libpng) File : nvt/glsa_201010_01.nasl |
2010-12-13 | Name : VMware Products Tools Local Privilege Escalation Vulnerability (Linux) File : nvt/gb_vmware_prdts_tools_loc_prev_escl_vuln_lin.nasl |
2010-12-13 | Name : VMware Products Tools Local Privilege Escalation Vulnerability (Windows) File : nvt/gb_vmware_prdts_tools_loc_prev_escl_vuln_win.nasl |
2010-12-13 | Name : VMware Products Multiple Local Privilege Escalation Vulnerabilities (Linux) File : nvt/gb_vmware_prdts_mult_loc_prev_escl_vuln_lin.nasl |
2010-12-13 | Name : VMware Products Memory Corruption and Buffer Overflow Vulnerability (Win) File : nvt/gb_vmware_prdts_mem_corruption_n_bof_vuln_win.nasl |
2010-10-01 | Name : VMware Products Security Bypass Vulnerability (Linux) -Sep10 File : nvt/secpod_vmware_prdts_sec_bypass_vuln_lin_sep10.nasl |
2010-10-01 | Name : VMware Products Security Bypass Vulnerability (Win) -Sep10 File : nvt/secpod_vmware_prdts_sec_bypass_vuln_win_sep10.nasl |
2010-08-21 | Name : Debian Security Advisory DSA 2075-1 (xulrunner) File : nvt/deb_2075_1.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0146 | VMware Workstation Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0061091 |
2015-A-0147 | VMware Player Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0061069 |
2015-B-0077 | VMware Fusion Denial of Service Vulnerability Severity: Category I - VMSKEY: V0060979 |
2015-B-0076 | Multiple Vulnerabilities in VMware Horizon View Client Severity: Category I - VMSKEY: V0060965 |
2015-A-0029 | Multiple Vulnerabilities in VMware Fusion Severity: Category I - VMSKEY: V0058535 |
2015-B-0012 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0058517 |
2015-B-0013 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity: Category I - VMSKEY: V0058515 |
2015-B-0014 | Multiple Vulnerabilities in VMware ESXi 5.5 Severity: Category I - VMSKEY: V0058513 |
2014-B-0069 | VMware ESXi 5.1 Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0051857 |
2014-B-0070 | VMware ESXi 5.5 Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0051855 |
2014-B-0068 | VMware ESXi 5.0 Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0051851 |
2014-B-0010 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity: Category I - VMSKEY: V0043881 |
2014-B-0009 | Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity: Category I - VMSKEY: V0043880 |
2014-B-0008 | Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity: Category I - VMSKEY: V0043879 |
2014-A-0019 | Multiple Vulnerabilities in VMware Fusion Severity: Category I - VMSKEY: V0043844 |
2013-A-0222 | Multiple Vulnerabilties in VMware Workstation Severity: Category II - VMSKEY: V0042383 |
2013-A-0221 | Multiple Vulnerabilties in VMware Player Severity: Category II - VMSKEY: V0042382 |
2013-A-0205 | VMware ESXi 5.0 Denial of Service Vulnerability Severity: Category I - VMSKEY: V0041367 |
2012-A-0187 | Multiple Vulnerabilities in VMware Workstation Severity: Category I - VMSKEY: V0034960 |
2012-A-0188 | Multiple Vulnerabilities in VMware Player Severity: Category I - VMSKEY: V0034959 |
2012-A-0100 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0032847 |
2012-A-0099 | Multiple Vulnerabilities in VMware ESXi 4.0 and ESX 4.0 Severity: Category I - VMSKEY: V0032846 |
2012-A-0098 | Multiple Vulnerabilities in VMware ESXi 3.5 and ESX 3.5 Severity: Category I - VMSKEY: V0032845 |
2012-A-0075 | Multiple Vulnerabilities in VMware Fusion Severity: Category I - VMSKEY: V0032174 |
2012-A-0073 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0032171 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | PORT overflow attempt RuleID : 8480 - Type : PROTOCOL-FTP - Revision : 12 |
2019-12-24 | Mutiple products libpng extra row heap overflow attempt RuleID : 52307 - Type : FILE-IMAGE - Revision : 1 |
2019-12-24 | Mutiple products libpng extra row heap overflow attempt RuleID : 52306 - Type : FILE-IMAGE - Revision : 1 |
2016-04-14 | VmWare Tools command injection attempt RuleID : 38243 - Type : SERVER-WEBAPP - Revision : 2 |
2016-04-14 | VmWare Tools command injection attempt RuleID : 38242 - Type : SERVER-WEBAPP - Revision : 2 |
2014-01-10 | VMWare Remote Console format string code execution attempt RuleID : 27658 - Type : BROWSER-PLUGINS - Revision : 3 |
2014-01-10 | VMWare Remote Console format string code execution attempt RuleID : 27657 - Type : BROWSER-PLUGINS - Revision : 3 |
2014-01-10 | VMWare Remote Console format string code execution attempt RuleID : 27656 - Type : BROWSER-PLUGINS - Revision : 4 |
2014-01-10 | PcVue SVUIGrd.ocx ActiveX function call access RuleID : 27112 - Type : BROWSER-PLUGINS - Revision : 5 |
2014-01-10 | PcVue SVUIGrd.ocx ActiveX clsid access RuleID : 27111 - Type : BROWSER-PLUGINS - Revision : 5 |
2014-01-10 | VMWare authorization service user credential parsing DoS attempt RuleID : 20058 - Type : SERVER-OTHER - Revision : 4 |
2014-01-10 | VMWare Remote Console format string code execution attempt RuleID : 18097 - Type : BROWSER-PLUGINS - Revision : 14 |
2014-01-10 | EPRT overflow attempt RuleID : 17329 - Type : PROTOCOL-FTP - Revision : 8 |
2014-01-10 | VMWare VMCtl Class ActiveX function call unicode access RuleID : 14614 - Type : WEB-ACTIVEX - Revision : 6 |
2014-01-10 | VMWare VMCtl Class ActiveX function call access RuleID : 14613 - Type : BROWSER-PLUGINS - Revision : 10 |
2014-01-10 | VMWare VMCtl Class ActiveX clsid unicode access RuleID : 14612 - Type : WEB-ACTIVEX - Revision : 6 |
2014-01-10 | VMWare VMCtl Class ActiveX clsid access RuleID : 14611 - Type : BROWSER-PLUGINS - Revision : 13 |
2014-01-10 | VhdCvtCom.DiskLibHelper ActiveX function call unicode access RuleID : 14593 - Type : WEB-ACTIVEX - Revision : 7 |
2014-01-10 | VhdCvtCom.DiskLibHelper ActiveX function call access RuleID : 14592 - Type : BROWSER-PLUGINS - Revision : 11 |
2014-01-10 | VhdCvtCom.DiskLibHelper ActiveX clsid unicode access RuleID : 14591 - Type : WEB-ACTIVEX - Revision : 7 |
2014-01-10 | VhdCvtCom.DiskLibHelper ActiveX clsid access RuleID : 14590 - Type : BROWSER-PLUGINS - Revision : 12 |
2014-01-10 | CurrentVMCtl Class ActiveX function call unicode access RuleID : 14589 - Type : WEB-ACTIVEX - Revision : 7 |
2014-01-10 | CurrentVMCtl Class ActiveX function call access RuleID : 14588 - Type : BROWSER-PLUGINS - Revision : 11 |
2014-01-10 | CurrentVMCtl Class ActiveX clsid unicode access RuleID : 14587 - Type : WEB-ACTIVEX - Revision : 7 |
2014-01-10 | CurrentVMCtl Class ActiveX clsid access RuleID : 14586 - Type : BROWSER-PLUGINS - Revision : 12 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2016-05-18 | Name: A virtualization application installed on the remote host is affected by a pr... File: vmware_player_priv_esc_vmsa_2016_0005.nasl - Type: ACT_GATHER_INFO |
2016-05-18 | Name: A virtualization application installed on the remote host is affected by a pr... File: vmware_workstation_priv_esc_vmsa_2016_0005.nasl - Type: ACT_GATHER_INFO |
2016-03-08 | Name: The remote VMware ESX host is missing a security-related patch. File: vmware_VMSA-2010-0007_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-08 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2010-0018_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2011-0009_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_esx_VMSA-2013-0014_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-03 | Name: The remote host is missing a security-related patch. File: vmware_VMSA-2009-0007_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-03 | Name: The remote VMware ESXi / ESX host is missing a security-related patch. File: vmware_VMSA-2012-0007_remote.nasl - Type: ACT_GATHER_INFO |
2016-02-29 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2012-0009_remote.nasl - Type: ACT_GATHER_INFO |
2016-02-29 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2012-0011_remote.nasl - Type: ACT_GATHER_INFO |
2016-01-15 | Name: The remote VMware ESXi 5.0 host is affected by a guest privilege escalation v... File: vmware_esxi_5_0_build_3086167_remote.nasl - Type: ACT_GATHER_INFO |
2016-01-15 | Name: The remote VMware ESXi 5.1 host is affected by a guest privilege escalation v... File: vmware_esxi_5_1_build_3070626_remote.nasl - Type: ACT_GATHER_INFO |
2016-01-15 | Name: The remote VMware ESXi 5.5 host is affected by a guest privilege escalation v... File: vmware_esxi_5_5_build_3248547_remote.nasl - Type: ACT_GATHER_INFO |
2016-01-15 | Name: The remote VMware ESXi 6.0 host is affected by a guest privilege escalation v... File: vmware_esxi_6_0_build_3380124_remote.nasl - Type: ACT_GATHER_INFO |
2016-01-14 | Name: A virtualization application installed on the remote Mac OS X host is affecte... File: macosx_fusion_vmsa_2016_0001.nasl - Type: ACT_GATHER_INFO |
2016-01-14 | Name: A virtualization application installed on the remote host is affected by a gu... File: vmware_player_linux_vmsa_2016_0001.nasl - Type: ACT_GATHER_INFO |
2016-01-14 | Name: A virtualization application installed on the remote host is affected by a gu... File: vmware_player_priv_esc_vmsa_2016_0001.nasl - Type: ACT_GATHER_INFO |
2016-01-14 | Name: A virtualization application installed on the remote host is affected by a gu... File: vmware_workstation_linux_vmsa_2016_0001.nasl - Type: ACT_GATHER_INFO |
2016-01-14 | Name: A virtualization application installed on the remote host is affected by a gu... File: vmware_workstation_priv_esc_vmsa_2016_0001.nasl - Type: ACT_GATHER_INFO |
2016-01-13 | Name: The remote VMware ESXi host is missing a security-related patch. File: vmware_VMSA-2016-0001.nasl - Type: ACT_GATHER_INFO |
2015-12-30 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2014-0001_remote.nasl - Type: ACT_GATHER_INFO |
2015-12-30 | Name: The remote VMware ESXi host is missing a security-related patch. File: vmware_VMSA-2014-0005_remote.nasl - Type: ACT_GATHER_INFO |
2015-07-16 | Name: The virtualization application installed on the remote host is affected by a ... File: vmware_horizon_view_client_vmsa_2015_0005.nasl - Type: ACT_GATHER_INFO |
2015-07-16 | Name: The virtualization application installed on the remote host is affected by a ... File: vmware_player_priv_esc_vmsa_2015_0005.nasl - Type: ACT_GATHER_INFO |
2015-07-16 | Name: The virtualization application installed on the remote host is affected by a ... File: vmware_workstation_priv_esc_vmsa_2015_0005.nasl - Type: ACT_GATHER_INFO |