Vmware Server Security Vulnerabilities and Issues — Vmware Server CVE List

VmwareVmware Server

9 matches found

CVE•added 2008/03/20 12:0 a.m.•85 views

CVE-2008-1361

The CVE-2008-1361 issue affects multiple VMware products (Workstation 6.0.x up to 6.0.3, 5.5.x up to 5.5.6; Player 2.0.x up to 2.0.3 and 1.0.x up to 1.0.6; ACE 2.0.x up to 2.0.1 and 1.0.x up to 1.0.5; Server 1.0.x up to 1.0.5 on Windows). The root cause is an unspecified manipulation that causes ...

6.8CVSS6.7AI score0.00347EPSS

CVE•added 2008/06/05 8:21 p.m.•78 views

CVE-2007-5671

CVE-2007-5671 is a VMware Tools local privilege-escalation issue in the guest HGFS driver (HGFS.sys) present in VMware Workstation/Player/ACE/Server and ESX/ESXi components. The flaw arises from improper validation of arguments to user-mode IOCTLs to .\hgfs, enabling a guest user to modify kernel...

4.4CVSS6.8AI score0.00388EPSS

CVE•added 2008/03/20 12:0 a.m.•77 views

CVE-2008-1340

VMware VMCI vulnerability CVE-2008-1340 affects VMware Workstation 6.0.x prior to 6.0.3, VMware Player 2.0.x prior to 2.0.3, and VMware ACE 2.0.x prior to 2.0.1. The issue allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger memory exhaustion and memor...

7.1CVSS6.3AI score0.01736EPSS

CVE•added 2008/06/05 8:21 p.m.•76 views

CVE-2008-0967

CVE-2008-0967 describes a local privilege escalation in vmware-authd due to an untrusted library search path. A local user can gain privileges by manipulating a library path option in a configuration file. Affected products include VMware Workstation 5.x (before 5.5.7 build 91707), VMware Worksta...

6.9CVSS6.7AI score0.00356EPSS

CVE•added 2008/03/20 12:0 a.m.•73 views

CVE-2008-1364

CVE-2008-1364 describes an unspecified vulnerability in the DHCP service across multiple VMware products (Workstation 5.5.x before 5.5.6, Player 1.0.x before 1.0.6, ACE 1.0.x before 1.0.5, Server 1.0.x before 1.0.5, Fusion 1.1.x before 1.1.1) that allows an attacker to cause a denial of service. ...

7.8CVSS6.3AI score0.0204EPSS

CVE•added 2009/04/06 3:0 p.m.•71 views

CVE-2008-4916

CVE-2008-4916 describes a denial-of-service vulnerability in the guest virtual device driver that could crash the host OS. The issue affects VMware products including VMware Workstation (pre-5.5.9/6.x), VMware Player (pre-1.0.9/2.x), VMware ACE (pre-1.0.8/2.x), VMware Server (1.x before 1.0.8/2.0...

4.6CVSS6.1AI score0.00334EPSS

CVE•added 2008/03/20 12:0 a.m.•69 views

CVE-2008-1362

CVE-2008-1362 affects VMware products (Workstation, Player, ACE, Server) on Windows. The vulnerability arises from insecurely created named pipes used by the authd process, allowing a local attacker to impersonate authd and gain privileges or cause a denial of service. Affected versions include V...

7.2CVSS6.6AI score0.0036EPSS

CVE•added 2007/10/13 1:0 a.m.•66 views

CVE-2007-5438

CVE-2007-5438 involves an unspecified vulnerability in a VMware ActiveX control (Reconfig.DLL) that could allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe). Affected products and build ranges include VMware Workstation 5.5.x <5.5.8 build 108000, Wor...

1.9CVSS6.3AI score0.00366EPSS

CVE•added 2008/09/03 2:0 p.m.•62 views

CVE-2008-3697

CVE-2008-3697 concerns a remote DoS in VMware Server via an ISAPI extension. The issue is triggered by sending a malformed request to an ISAPI extension (iisperl.dll), which can cause the IIS service to terminate. VMware documents that the vulnerable extension is part of VMware Server prior to 1....

5CVSS6.4AI score0.03041EPSS