Podatność CVE-2009-2267


Publikacja: 2009-11-02   Modyfikacja: 2012-02-13

Opis:
VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0, when Virtual-8086 mode is used, do not properly set the exception code upon a page fault (aka #PF) exception, which allows guest OS users to gain privileges on the guest OS by specifying a crafted value for the cs register.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Med.
Invalid #PF Exception Code in VMware can result in Guest Privilege Escalation
Tavis Ormandy &a...
04.11.2009

Typ:

CWE-Other

Producent: Vmware
Produkt: Workstation 
Wersje:
6.5.2
6.5.1
6.5.0
Produkt: ESX 
Wersje:
4.0
3.5
3.0.3
2.5.5
Produkt: ESXI 
Wersje: 4.0; 3.5;
Produkt: Player 
Wersje:
2.5.2
2.5.1
2.5
Produkt: ACE 
Wersje:
2.5.2
2.5.1
2.5.0
Produkt: Fusion 
Wersje:
2.0.5
2.0.4
2.0.3
2.0.2
2.0.1
2.0
Produkt: Server 
Wersje:
2.0.1
2.0
1.0.9
1.0.8
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0

CVSS2 => (AV:L/AC:M/Au:N/C:C/I:C/A:C)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
6.9/10
10/10
3.4/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Lokalny
Średnia
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Pełny
Pełny
Pełny

 Referencje:
http://lists.vmware.com/pipermail/security-announce/2009/000069.html
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://securitytracker.com/id?1023082
http://securitytracker.com/id?1023083
http://www.securityfocus.com/archive/1/507523/100/0/threaded
http://www.securityfocus.com/archive/1/507539/100/0/threaded
http://www.securityfocus.com/bid/36841
http://www.vmware.com/security/advisories/VMSA-2009-0015.html
http://www.vupen.com/english/advisories/2009/3062
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8473

Podobne CVE
CVE-2019-5521
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6) and Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain an out-of-bounds read vulnerability in the pixel sh...
CVE-2019-5531
VMware vSphere ESXi (6.7 prior to ESXi670-201810101-SG, 6.5 prior to ESXi650-201811102-SG, and 6.0 prior to ESXi600-201807103-SG) and VMware vCenter Server (6.7 prior to 6.7 U1b, 6.5 prior to 6.5 U2b, and 6.0 prior to 6.0 U3j) contain an information ...
CVE-2019-5534
VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability where Virtual Machines deployed from an OVF could expose login information via the virtual machine's vAppConf...
CVE-2019-5532
VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF. A malicious user w...
CVE-2019-5528
VMware ESXi 6.5 suffers from partial denial of service vulnerability in hostd process. Patch ESXi650-201907201-UG for this issue is available.
CVE-2019-5525
VMware Workstation (15.x before 15.1.0) contains a use-after-free vulnerability in the Advanced Linux Sound Architecture (ALSA) backend. A malicious user with normal user privileges on the guest machine may exploit this issue in conjunction with othe...
CVE-2019-5522
VMware Tools for Windows update addresses an out of bounds read vulnerability in vm3dmp driver which is installed with vmtools in Windows guest machines. This issue is present in versions 10.2.x and 10.3.x prior to 10.3.10. A local attacker with non-...
CVE-2019-5526
VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges...

Copyright 2019, cxsecurity.com

 

Back to Top