Vulnerabilities > CVE-2009-1244 - Hosted Products Display Function Code Execution vulnerability in VMware

047910
CVSS 6.8 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
vmware
nessus

Summary

Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.

Vulnerable Configurations

Part Description Count
Application
Vmware
113

Nessus

  • NASL familyWindows
    NASL idVMWARE_MULTIPLE_VMSA_2009_0005.NASL
    descriptionVMware products installed on the remote host are reportedly affected by multiple vulnerabilities : - A vulnerability in the guest virtual device driver could allow an attacker to use the guest operating system to crash the host operating system. (CVE-2008-3761) - A denial of service vulnerability affects an unspecified IOCTL contained in the
    last seen2020-06-01
    modified2020-06-02
    plugin id36117
    published2009-04-09
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/36117
    titleVMware Products Multiple Vulnerabilities (VMSA-2009-0005/VMSA-2009-0007)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201209-25.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201209-25 (VMware Player, Server, Workstation: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in VMware Player, Server, and Workstation. Please review the CVE identifiers referenced below for details. Impact : Local users may be able to gain escalated privileges, cause a Denial of Service, or gain sensitive information. A remote attacker could entice a user to open a specially crafted file, possibly resulting in the remote execution of arbitrary code, or a Denial of Service. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console. Furthermore, guest OS users may be able to execute arbitrary code on the host OS, gain escalated privileges on the guest OS, or cause a Denial of Service (crash the host OS). Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id62383
    published2012-10-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62383
    titleGLSA-201209-25 : VMware Player, Server, Workstation: Multiple vulnerabilities
  • NASL familyVMware ESX Local Security Checks
    NASL idVMWARE_VMSA-2009-0006.NASL
    descriptiona. Host code execution vulnerability from a guest operating system A critical vulnerability in the virtual machine display function might allow a guest operating system to run code on the host. This issue is different from the vulnerability in a guest virtual device driver reported in VMware security advisory VMSA-2009-0005 on 2009-04-03. That vulnerability can cause a potential denial of service and is identified by CVE-2008-4916. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-1244 to this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id40391
    published2009-07-27
    reporterThis script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/40391
    titleVMSA-2009-0006 : VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability

Oval

accepted2009-11-09T04:00:34.291-05:00
classvulnerability
contributors
nameMichael Wood
organizationHewlett-Packard
definition_extensions
  • commentVMWare ESX Server 3.0.3 is installed
    ovaloval:org.mitre.oval:def:6026
  • commentVMWare ESX Server 3.0.2 is installed
    ovaloval:org.mitre.oval:def:5613
  • commentVMware ESX Server 3.5.0 is installed
    ovaloval:org.mitre.oval:def:5887
descriptionUnspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.
familyunix
idoval:org.mitre.oval:def:6065
statusaccepted
submitted2009-09-23T15:39:02.000-04:00
titleVMware Multiple Hosted Products Display Function Code Execution Vulnerability
version4