Player Security Vulnerabilities and Issues — Player CVE List

Lucene search

VmwarePlayer

16 matches found

CVE•added 2010/06/30 6:30 p.m.•158 views

CVE-2010-1205

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

9.8CVSS9.9AI score0.17033EPSS

CVE•added 2010/06/30 6:30 p.m.•108 views

CVE-2010-2249

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.

6.5CVSS7.4AI score0.01567EPSS

CVE•added 2010/04/27 3:30 p.m.•98 views

CVE-2009-4811

VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600...

5CVSS6.4AI score0.16891EPSS

CVE•added 2010/04/12 6:30 p.m.•73 views

CVE-2010-1139

Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string s...

7.2CVSS6.4AI score0.00075EPSS

CVE•added 2010/12/06 9:5 p.m.•72 views

CVE-2010-4297

The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x before 2.0.8 build 328035 and 3.1.x before 3.1.2 b...

7.2CVSS6.6AI score0.02398EPSS

Web

CVE•added 2010/04/12 6:30 p.m.•66 views

CVE-2010-1142

VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0...

8.5CVSS6.5AI score0.01109EPSS

CVE•added 2010/04/12 6:30 p.m.•63 views

CVE-2009-3732

Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors.

10CVSS6.9AI score0.30069EPSS

Web

CVE•added 2010/04/12 6:30 p.m.•59 views

CVE-2010-1140

The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk.

6.9CVSS6.4AI score0.0009EPSS

CVE•added 2010/04/12 6:30 p.m.•59 views

CVE-2010-1141

8.5CVSS6.8AI score0.0545EPSS

CVE•added 2010/04/12 6:30 p.m.•54 views

CVE-2009-1564

Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote at...

9.3CVSS8AI score0.17199EPSS

CVE•added 2010/09/28 6:0 p.m.•54 views

CVE-2010-3277

The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file.

2.1CVSS8.5AI score0.00097EPSS

CVE•added 2010/12/06 9:5 p.m.•51 views

CVE-2010-4295

Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via ve...

6.9CVSS6.6AI score0.00057EPSS

CVE•added 2010/04/12 6:30 p.m.•50 views

CVE-2010-1138

The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x ...

5CVSS6.1AI score0.00769EPSS

CVE•added 2010/12/06 9:5 p.m.•50 views

CVE-2010-4294

The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548, VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548 on Windows, VMware Player 2.5.x before 2.5.5 build 246459 and 3.x b...

9.3CVSS7.8AI score0.06071EPSS

CVE•added 2010/04/12 6:30 p.m.•49 views

CVE-2009-1565

vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary c...

9.3CVSS7.7AI score0.16916EPSS

CVE•added 2010/12/06 9:5 p.m.•49 views

CVE-2010-4296

vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vect...

7.2CVSS6.6AI score0.00068EPSS