Vulnerabilities > Vmware > ESX Server > 3.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-04-01 | CVE-2010-1137 | Cross-Site Scripting vulnerability in VMWare ESX Server, Server and Virtualcenter Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5, and the Server Console in VMware Server 1.0, allows remote attackers to inject arbitrary web script or HTML via the name of a virtual machine. | 4.3 |
2010-04-01 | CVE-2010-0686 | Improper Input Validation vulnerability in VMWare ESX Server, Server and Virtualcenter WebAccess in VMware VirtualCenter 2.0.2 and 2.5, VMware Server 2.0, and VMware ESX 3.0.3 and 3.5 allows remote attackers to leverage proxy-server functionality to spoof the origin of requests via unspecified vectors, related to a "URL forwarding vulnerability." | 7.5 |
2010-04-01 | CVE-2009-2277 | Cross-Site Scripting vulnerability in VMWare ESX Server and Virtualcenter Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "context data." | 4.3 |
2008-06-05 | CVE-2008-2100 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare products Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors. | 7.2 |
2008-06-05 | CVE-2008-0967 | Local Privilege Escalation vulnerability in VMware vmware-authd Daemon Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file. local vmware | 6.9 |