View Security Vulnerabilities and Issues — View CVE List

VmwareView

7 matches found

CVE•added 2013/02/11 10:0 p.m.•144 views

CVE-2013-1406

CVE-2013-1406 affects VMware VMCI in vmci.sys across VMware Workstation (8.x before 8.0.5; 9.x before 9.0.1), VMware Fusion (4.1 before 4.1.4; 5.0 before 5.0.2), VMware View (4.x before 4.6.2; 5.x before 5.1.2), VMware ESXi/ESX (4.0–5.1). Root cause: improper restriction of memory allocation by V...

7.2CVSS6.3AI score0.00968EPSS

Web

CVE•added 2012/03/16 8:0 p.m.•82 views

CVE-2012-1508

CVE-2012-1508 affects the XPDM display driver in VMware products (ESXi/ESX 4.0–4.1 and 5.0; View prior to 4.6.1). The issue is a NULL pointer dereference in the XPDM/WDDM display stack that can allow guest-OS privilege escalation or cause a guest-OS denial of service via unspecified vectors. Conn...

7.2CVSS6.6AI score0.00415EPSS

CVE•added 2012/03/16 8:0 p.m.•78 views

CVE-2012-1510

CVE-2012-1510 refers to a buffer overflow in the VMware WDDM display driver affecting VMware ESXi/ESX (4.0, 4.1, 5.0) and VMware View prior to 4.6.1. Exploitation could allow a guest OS user to gain guest OS privileges via unspecified vectors. The connected advisories confirm the issue and map it...

7.2CVSS6.8AI score0.00449EPSS

CVE•added 2012/09/08 10:0 a.m.•71 views

CVE-2012-1666

The CVE-2012-1666 entry describes an untrusted search path vulnerability in VMware Tools components across VMware Workstation (before 8.0.4), VMware Player (before 4.0.4), VMware Fusion (before 4.1.2), VMware View (before 5.1), and VMware ESX (4.1 before U3 and 5.0 before P03). The underlying iss...

6.9CVSS6.3AI score0.00784EPSS

CVE•added 2012/12/19 11:0 a.m.•64 views

CVE-2012-5978

CVE-2012-5978 describes directory traversal in VMware View components: View Connection Server and View Security Server. A remote, unauthenticated attacker can read arbitrary files via crafted URLs due to the tunnel-server not validating that requested URLs stay within web root and are permitted f...

5CVSS7AI score0.02802EPSS

CVE•added 2012/03/16 8:0 p.m.•60 views

CVE-2012-1511

CVE-2012-1511 is a cross-site scripting (XSS) vulnerability in the View Manager Portal of VMware View (pre-4.6.1). The issue arises from insufficient input validation of URLs, enabling remote attackers to inject arbitrary script or HTML via a crafted URL. VMware’s Security Advisory VMSA-2012-0004...

4.3CVSS5.6AI score0.02015EPSS

CVE•added 2012/03/16 8:0 p.m.•52 views

CVE-2012-1509

CVE-2012-1509 is tied to VMware View: a buffer overflow in the XPDM display driver within View (before 4.6.1) that enables local guest-OS privilege escalation via unspecified vectors. The issue is part of VMware advisory VMSA-2012-0004, which documents multiple View-related vulnerabilities and re...

7.2CVSS6.8AI score0.00437EPSS