Vulnerabilities > Vmware > Workstation > 4.0.2

DATE CVE VULNERABILITY TITLE RISK
2014-08-28 CVE-2014-4200 Permissions, Privileges, and Access Controls vulnerability in VMWare Tools, Vm-Support and Workstation
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, uses 0644 permissions for the vm-support archive, which allows local users to obtain sensitive information by extracting files from this archive.
local
vmware CWE-264
4.7
2014-08-28 CVE-2014-4199 Link Following vulnerability in VMWare Tools, Vm-Support and Workstation
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.
local
vmware CWE-59
6.3
2012-09-08 CVE-2012-1666 Unspecified vulnerability in VMWare products
Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory.
local
vmware
6.9
2009-06-01 CVE-2009-1805 Denial Of Service vulnerability in VMware Products Descheduled Time Accounting Driver
Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors.
local
high complexity
vmware
4.0
2009-04-13 CVE-2009-1244 Hosted Products Display Function Code Execution vulnerability in VMware
Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.
local
low complexity
vmware
6.8
2009-04-06 CVE-2009-1147 Remote vulnerability in VMware Hosted Products VMSA-2009-0005
Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allows local users to gain privileges via unknown vectors.
local
low complexity
vmware
7.2
2009-04-06 CVE-2009-1146 Remote vulnerability in VMware Hosted Products VMSA-2009-0005
Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows local users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3761.
local
low complexity
vmware
4.9
2007-09-21 CVE-2007-0062 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare products
Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients.
network
low complexity
vmware CWE-119
critical
10.0
2007-05-02 CVE-2007-1877 Denial Of Service vulnerability in VMware
VMware Workstation before 5.5.4 allows attackers to cause a denial of service against the guest OS by causing the virtual machine process (VMX) to store malformed configuration information.
network
low complexity
vmware
7.8
2007-05-02 CVE-2007-1876 Denial Of Service vulnerability in VMware
VMware Workstation before 5.5.4, when running a 64-bit Windows guest on a 64-bit host, allows local users to "corrupt the virtual machine's register context" by debugging a local program and stepping into a "syscall instruction."
local
low complexity
microsoft vmware
7.2