Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2005-12-29	CVE-2005-4583	Cross-Site Scripting vulnerability in VMWare ESX Unspecified vulnerability in the Management Interface in VMware ESX Server 2.x up to 2.5.x before 24 December 2005 allows "remote code execution in the Web browser" via unspecified attack vectors, probably related to cross-site scripting (XSS). network vmware CWE-79	4.3
2005-02-14	CVE-2005-0444	Local Security vulnerability in Workstation VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries using a path that includes the rrdharan world-writable temporary directory, which allows local users to execute arbitrary code. local low complexity vmware	4.6
2004-11-23	CVE-2004-0081	OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. network low complexity cisco symantec hp avaya freebsd openbsd redhat sco apple 4d checkpoint lite neoteris novell openssl sgi stonesoft vmware bluecoat securecomputing dell tarantella sun	5.0
2003-10-20	CVE-2003-0739	Local Security vulnerability in Workstation VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack. local low complexity vmware	4.6