Vulnerability CVE-2009-1805


Published: 2009-06-01   Modified: 2012-02-13

Description:
Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors.

Type:

CWE-noinfo

Vendor: Vmware
Product: Workstation 
Version:
6.5.1
6.5
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1_build_55017
6.0.1
6.0
5.5.8
5.5.7
5.5.6
5.5.5_build_56455
5.5.5
5.5.4_build_44386
5.5.4
5.5.3_build_42958
5.5.3_build_34685
5.5.3
5.5.2
5.5.1_build_19175
5.5.1
5.5.0_build_13124
5.5.0
5.5
5.0.0_build_13124
5.0.0
5
4.5.2_build_8848
4.5.2
4.0.2
4.0.1_build_5289
4.0.1
4.0
3.4
3.2.1
2.0.1
2.0
1.1.2
1.1.1
1.1
1.0.5
1.0.4
1.0.2
1.0.1
See more versions on NVD
Product: ESXI 
Version: 3.5;
Product: ESX 
Version:
3.5
3.0.3
3.0.2
See more versions on NVD
Product: Player 
Version:
2.5.1
2.5
2.0.5
2.0.4
2.0.3
2.0.2
2.0.1_build_55017
2.0.1
2.0
1.0.8
1.0.7
1.0.6
1.0.5_build_56455
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0
See more versions on NVD
Product: ACE 
Version:
2.5.1
2.5.0
2.0.5
2.0.4
2.0.3
2.0.2
2.0.1_build_55017
2.0.1
2.0
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3_build_54075
1.0.3
1.0.2
1.0.1
1.0.0
1.0
See more versions on NVD
Product: Fusion 
Version: 2.0.1; 2.0;
Product: Server 
Version:
2.0
1.0.8
1.0.7
1.0.6
1.0.5
1.0.4_build_56528
1.0.4
1.0.3
1.0.2
1.0.1_build_29996
1.0.1
See more versions on NVD

CVSS2 => (AV:L/AC:H/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
6.9/10
1.9/10
Exploit range
Attack complexity
Authentication
Local
High
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete

 References:
http://www.securityfocus.com/archive/1/503912/100/0/threaded
http://www.securityfocus.com/bid/35141
http://www.securitytracker.com/id?1022300
http://www.vmware.com/security/advisories/VMSA-2009-0007.html
http://www.vupen.com/english/advisories/2009/1452
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6130

Related CVE
CVE-2019-5526
VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges...
CVE-2019-5520
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates address an out-of-bounds read vulnerability. Exploitat...
CVE-2019-5517
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain multiple out-of-bounds read vulnerabilities in the sha...
CVE-2019-5516
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates address an out-of-bounds vulnerability with the vertex...
CVE-2019-5519
VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU)...
CVE-2019-5518
VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain an out-of-bounds read/write vulnerab...
CVE-2018-6982
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to guest.
CVE-2018-6981
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below co...

Copyright 2019, cxsecurity.com

 

Back to Top