Vulnerabilities > Vmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-03-20 | CVE-2008-1340 | Resource Management Errors vulnerability in VMWare products Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption." | 7.1 |
| 2008-01-08 | CVE-2007-5360 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in OpenPegasus Management server, when compiled to use PAM and with PEGASUS_USE_PAM_STANDALONE_PROC defined, as used in VMWare ESX Server 3.0.1 and 3.0.2, might allow remote attackers to execute arbitrary code via vectors related to PAM authentication, a different vulnerability than CVE-2008-0003. | 7.5 |
| 2007-10-21 | CVE-2007-5619 | Local Security vulnerability in Server Unspecified vulnerability in VMware Server before 1.0.4 causes user passwords to be recorded in cleartext in server logs, which might allow local users to gain privileges. | 7.2 |
| 2007-10-21 | CVE-2007-5618 | Multiple vulnerability in VMWare Player, Server and Workstation Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs. | 7.2 |
| 2007-05-04 | CVE-2007-2491 | Denial-Of-Service vulnerability in Server The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.34685 and VMware Server 1.0.1.29996 allows local users to write to arbitrary memory locations via a crafted poke to I/O port 0x1004, triggering a denial of service (virtual machine crash) or other unspecified impact, a related issue to CVE-2007-1337. | 7.2 |
| 2007-05-02 | CVE-2007-1877 | Denial Of Service vulnerability in VMware VMware Workstation before 5.5.4 allows attackers to cause a denial of service against the guest OS by causing the virtual machine process (VMX) to store malformed configuration information. | 7.8 |
| 2007-05-02 | CVE-2007-1876 | Denial Of Service vulnerability in VMware VMware Workstation before 5.5.4, when running a 64-bit Windows guest on a 64-bit host, allows local users to "corrupt the virtual machine's register context" by debugging a local program and stepping into a "syscall instruction." | 7.2 |
| 2007-05-02 | CVE-2007-1337 | Denial Of Service vulnerability in VMware The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors. | 7.8 |
| 2007-05-02 | CVE-2007-1069 | Denial Of Service vulnerability in VMware The memory management in VMware Workstation before 5.5.4 allows attackers to cause a denial of service (Windows virtual machine crash) by triggering certain general protection faults (GPF). | 7.8 |
| 2007-02-21 | CVE-2007-1056 | Permissions, Privileges, and Access Controls vulnerability in VMWare Workstation 5.5.3Build34685 VMware Workstation 5.5.3 build 34685 does not provide per-user restrictions on certain privileged actions, which allows local users to perform restricted operations such as changing system time, accessing hardware components, and stopping the "VMware tools service" service. | 7.2 |