Vulnerabilities > Vmware > ESX > 3.5

DATE CVE VULNERABILITY TITLE RISK
2012-05-04 CVE-2012-1516 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare ESX and Esxi
The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving data pointers.
network
low complexity
vmware CWE-119
critical
9.9
2009-08-11 CVE-2009-2416 Use After Free vulnerability in multiple products
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
6.5