Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:4528
HistoryDec 05, 2008 - 12:00 a.m.

VMware虚拟硬件内存破坏漏洞

2008-12-0500:00:00
Root
www.seebug.org
132

0.001 Low

EPSS

Percentile

27.3%

JSON

BUGTRAQ ID: 32597
CVE(CAN) ID: CVE-2008-4917

VMWare是一款虚拟PC软件,允许在一台机器上同时运行两个或多个Windows、DOS、LINUX系统。

如果guest操作系统向虚拟的硬件发送了恶意请求的话,就可能触发内存破坏,导致虚拟硬件写入非受控的物理内存区域。成功利用这个漏洞的攻击者可以完全控制HOST系统或导致拒绝服务。

VMWare Workstation 6.0.x
VMWare Workstation 5.x
VMWare ACE 2.0.x
VMWare ACE 1.x
VMWare Player 2.0.x
VMWare Player 1.x
VMWare Server 1.x
VMWare Fusion 1.x
VMWare ESX 3.5
VMWare ESX 3.0.3
VMWare ESX 3.0.2
VMWare ESXi 3.5
VMWare

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://www.vmware.com” target=“_blank”>http://www.vmware.com</a>

Related

securityvulns 2
prion 1
cve 1
openvas 6
nessus 3
vmware 2
gentoo 1
securityvulns
securityvulns
VMWare sandbox protection bypass
2008-12-04 00:00:00
VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2
2008-12-04 00:00:00
prion
prion
Memory corruption
2008-12-09 00:30:00
cve
cve
CVE-2008-4917
2008-12-09 00:30:00
openvas
openvas
VMware Products Trap Flag In-Guest Privilege Escalation Vulnerability (Windows)
2008-12-15 00:00:00
VMware Products Trap Flag In-Guest Privilege Escalation Vulnerability (Linux)
2008-12-15 00:00:00
VMware Products Trap Flag In-Guest Privilege Escalation Vulnerability (VMSA-2008-0018) - Linux
2008-12-15 00:00:00
nessus
nessus
VMSA-2008-0019 : VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2
2009-07-27 00:00:00
VMware Products Multiple Vulnerabilities (VMSA-2008-0018/VMSA-2008-0019)
2008-11-19 00:00:00
GLSA-201209-25 : VMware Player, Server, Workstation: Multiple vulnerabilities
2012-10-01 00:00:00
vmware
vmware
VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2
2008-12-02 00:00:00
VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2
2008-12-02 00:00:00
gentoo
gentoo
VMware Player, Server, Workstation: Multiple vulnerabilities
2012-09-29 00:00:00

0.001 Low

EPSS

Percentile

27.3%

JSON
Related for SSV:4528
securityvulns2prion1cve1openvas6nessus3vmware2gentoo1