Lucene search
K

500 matches found

Packet Storm
Packet Storm
added 2010/12/09 12:0 a.m.73 views

VMware Tools Update OS Command Injection

VMware Tools update OS Command Injection ======================================== 1. Advisory Information Advisory ID: BONSAI-2010-0110 Date published: Thu Dec 9, 2010 Vendors contacted: VMware Release mode: Coordinated release 2. Vulnerability Information Class: Injection Remotely Exploitable: Y...

7.2CVSS0.7AI score0.0517EPSS
Exploits4
Exploit DB
Exploit DB
added 2010/12/09 12:0 a.m.69 views

VMware Tools - Update OS Command Injection

VMware Tools update OS Command Injection ======================================== 1. Advisory Information Advisory ID: BONSAI-2010-0110 Date published: Thu Dec 9, 2010 Vendors contacted: VMware Release mode: Coordinated release 2. Vulnerability Information Class: Injection Remotely Exploitable: Y...

7.2CVSS7AI score0.0517EPSS
Exploits4
exploitpack
exploitpack
added 2010/12/09 12:0 a.m.98 views

VMware Tools - Update OS Command Injection

VMware Tools - Update OS Command Injection VMware Tools update OS Command Injection ======================================== 1. Advisory Information Advisory ID: BONSAI-2010-0110 Date published: Thu Dec 9, 2010 Vendors contacted: VMware Release mode: Coordinated release 2. Vulnerability Informati...

7.2CVSS0.7AI score0.0517EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2010/12/08 12:0 a.m.29 views

VMware Fusion < 3.1.2 (VMSA-2010-0018)

The version of VMware Fusion installed on the Mac OS X host is earlier than 3.1.2. Such versions are affected by three security issues : - A race condition in the mounting process in vmware-mount in allows host OS users to gain privileges via vectors involving temporary files. CVE-2010-4295 - The...

7.2CVSS5.4AI score0.0517EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2010/12/07 12:0 a.m.33 views

VMware Products Multiple Vulnerabilities (VMSA-2010-0018)

A VMware product Player, Workstation, Server, or Movie Decoder detected on the remote host has one or more of the following vulnerabilities : - A vulnerability in VMware Tools update could allow arbitrary code execution on non-Windows based guest operating systems with root privileges...

9.3CVSS6.4AI score0.05844EPSS
Exploits4References5
Prion
Prion
added 2010/06/15 6:0 p.m.15 views

Memory corruption

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when used in conjunction with VMWare Tools on a VMWare platform, allows attackers to cause a denial of service memory corruption or possibly execute arbitrary code via unspecified vectors...

9.3CVSS8.2AI score0.05957EPSS
Exploits0References24Affected Software2
securityvulns
securityvulns
added 2010/04/14 12:0 a.m.51 views

ACROS Security: Remote Binary Planting in VMware Tools for Windows &#40;ASPR #2010-04-12-1&#41;

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-04-12-1 ------------------------------------------------------------------------- ASPR 2010-04-12-1: Remote Binary Planting in VMware Tools for Windows...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2010/04/14 12:0 a.m.70 views

ACROS Security: Local Binary Planting in VMware Tools for Windows &#40;ASPR #2010-04-12-2&#41;

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-04-12-2 ------------------------------------------------------------------------- ASPR 2010-04-12-2: Local Binary Planting in VMware Tools for Windows...

0.3AI score
Exploits0
CVE
CVE
added 2010/04/12 6:0 p.m.72 views

CVE-2010-1141

CVE-2010-1141 affects VMware Tools and related VMware host components (Workstation, Player, ACE, Server, Fusion, ESXi/ESX). The flaw is improper access/loading of libraries, enabling a user-assisted remote attacker to trigger arbitrary code execution by convincing a Windows guest OS user to click...

8.5CVSS6.8AI score0.03802EPSS
Exploits1References10Affected Software1
myhack58
myhack58
added 2009/01/20 12:0 a.m.10 views

VMware vulnerability instance analysis – one of the shared folders directory traversal vulnerability-vulnerability warning-the black bar safety net

Author: vxasm mail: [email protected] Time: 2008-10-5 A noun is defined Host machine: running VMware software real host; Guest machine: installed in the VMware software in the virtual system; Backdoor: VMware have their own proprietary“Backdoor I/O Port”command, the Host and the Guest between al...

0.4AI score
Exploits0
Prion
Prion
added 2008/06/05 8:32 p.m.21 views

Memory corruption

HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode...

4.4CVSS6.5AI score0.00388EPSS
Exploits0References12Affected Software9
CVE
CVE
added 2008/06/05 8:21 p.m.81 views

CVE-2007-5671

CVE-2007-5671 is a VMware Tools local privilege-escalation issue in the guest HGFS driver (HGFS.sys) present in VMware Workstation/Player/ACE/Server and ESX/ESXi components. The flaw arises from improper validation of arguments to user-mode IOCTLs to .\hgfs, enabling a guest user to modify kernel...

4.4CVSS6.8AI score0.00388EPSS
Exploits0References12Affected Software9
securityvulns
securityvulns
added 2008/06/05 12:0 a.m.102 views

VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2008-0009 Synopsis: Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX,...

9.3CVSS10AI score0.10141EPSS
Exploits4
seebug.org
seebug.org
added 2007/11/27 12:0 a.m.21 views

VMware Tools HGFS.Sys驱动本地权限提升漏洞

BUGTRAQ ID: 26556 VMware Tools是VMWare为每一种Guest OS提供一个软件包,用于增强Guest OS的显示和鼠标功能。 VMware Tools的HGFS.Sys驱动实现上存在漏洞,本地攻击者可以利用此漏洞执行任意内核态指令。 VMWare Tools 3.1 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.vmware.com http://www.sebug.net/exploit/2602.html...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2007/11/24 12:0 a.m.21 views

VMware Tools hgfs.sys Local Privilege Escalation Vulnerability Exploit

No description provided by source. / VMware Tools hgfs.sys Local Privilege Escalation Vulnerability Exploit Created by SoBeIt Main file of exploit Tested on: Windows XP PRO SP2 Chinese Windows XP PRO SP2 English...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/11/24 12:0 a.m.17 views

VMware Tools 3.1 - &#039;HGFS.Sys&#039; Local Privilege Escalation

// source: https://www.securityfocus.com/bid/26556/info VMware Tools is prone to a privilege-escalation vulnerability. The application fails to properly drop privileges before performing certain functions. An attacker can exploit this in the guest opertaing system to elevate privileges in the hos...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/11/24 12:0 a.m.10 views

VMware Tools 3.1 - HGFS.Sys Local Privilege Escalation

VMware Tools 3.1 - HGFS.Sys Local Privilege Escalation // source: https://www.securityfocus.com/bid/26556/info VMware Tools is prone to a privilege-escalation vulnerability. The application fails to properly drop privileges before performing certain functions. An attacker can exploit this in the...

0.5AI score
Exploits0
NVD
NVD
added 2007/02/21 11:28 p.m.16 views

CVE-2007-1056

VMware Workstation 5.5.3 build 34685 does not provide per-user restrictions on certain privileged actions, which allows local users to perform restricted operations such as changing system time, accessing hardware components, and stopping the "VMware tools service" service. NOTE: exploitation is...

7.2CVSS6.3AI score0.00304EPSS
Exploits0References4
securityvulns
securityvulns
added 2007/02/20 12:0 a.m.48 views

[Full-disclosure] VMware Workstation multiple denial of service and isolation manipulation vulnerabilities

Suggested severity level: Medium. Type of Risk: Denial of Service, Privilege Elevation, Un-authorize Access. Affected Software: VMware Workstation, version 5.5.3 build 34685 including installation of "VMware Tools" of the same version, in the guest OS. Older versions and other products by the...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2007/02/05 12:0 a.m.62 views

Vmare workstation guest isolation weaknesses &#40;clipboard transfer&#41;

Suggested severity level: Low Type of Risk: isolation failure, information leakage, infection path Affected Software: VMware Workstation, version 5.5.3 build 34685 including installation of "VMware tools" of the same version on the guest OS. Other products by the vendor using the same isolation...

7.3AI score
Exploits0
Rows per page
Query Builder