Vmware: Security Vulnerabilities
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVSS Score
5.0
EPSS Score
0.009
Published
2004-11-23
VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables.
CVSS Score
7.2
EPSS Score
0.0
Published
2003-12-31
VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack.
CVSS Score
4.6
EPSS Score
0.001
Published
2003-10-20
VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session.
CVSS Score
7.2
EPSS Score
0.0
Published
2003-08-27
VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges via "symlink manipulation."
CVSS Score
3.7
EPSS Score
0.0
Published
2003-08-07
Buffer overflow in VMware Authorization Service for VMware GSX Server 2.0.0 build-2050 allows remote authenticated users to execute arbitrary code via a long GLOBAL argument.
CVSS Score
7.5
EPSS Score
0.14
Published
2002-08-12
VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local users to read or modify license information.
CVSS Score
3.6
EPSS Score
0.0
Published
2001-07-30
VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack.
CVSS Score
3.6
EPSS Score
0.001
Published
2000-01-17
Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable.
CVSS Score
7.2
EPSS Score
0.008
Published
1999-06-26
Page 96