Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Descriptions du CVE
VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0, when Virtual-8086 mode is used, do not properly set the exception code upon a page fault (aka #PF) exception, which allows guest OS users to gain privileges on the guest OS by specifying a crafted value for the cs register.
Informations du CVE
Métriques
| Métriques | Score | Gravité | CVSS Vecteur | Source |
|---|---|---|---|---|
| V2 | 6.9 | AV:L/AC:M/Au:N/C:C/I:C/A:C | [email protected] |
EPSS
EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.
Score EPSS
Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.
Percentile EPSS
Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
Informations sur l'Exploit
Exploit Database EDB-ID : 10207
Date de publication : 2009-10-26 23h00 +00:00
Auteur : Tavis Ormandy & Julien Tinnes
EDB Vérifié : Yes
Bugtraq ID: 36841
Class: Design Error
Published: Oct 27 2009 12:00AM
Updated: Oct 27 2009 09:18PM
Credit: Tavis Ormandy and Julien Tinnes of the Google Security Team
Vulnerable: VMWare Workstation 6.5.3
VMWare Workstation 6.5.2 build 156735
VMWare Workstation 6.5.2
VMWare Workstation 6.5.1
VMWare Workstation 6.5 build 118166
VMWare Server 2.0.1 build 156745
VMWare Server 2.0.1
VMWare Server 1.0.9 build 156507
VMWare Server 1.0.9
VMWare Server 1.0.8 build 126538
VMWare Server 1.0.8
VMWare Server 1.0.7 build 108231
VMWare Server 1.0.7
VMWare Server 1.0.6 build 91891
VMWare Server 1.0.6
VMWare Server 1.0.5 Build 80187
VMWare Server 1.0.5
VMWare Server 1.0.4
VMWare Server 1.0.3
VMWare Server 1.0.2
VMWare Server 2.0
VMWare Player 2.5.3
VMWare Player 2.5.2 build 156735
VMWare Player 2.5.2
VMWare Player 2.5.1
VMWare Player 2.5 build 118166
VMWare Fusion 2.0.6
VMWare Fusion 2.0.5
VMWare Fusion 2.0.4
VMWare Fusion 2.0.3
VMWare Fusion 2.0.2 build 147997
VMWare Fusion 2
VMWare ESXi Server 4.0
VMWare ESXi Server 3.5 ESXe350-20090440
VMWare ESXi Server 3.5
VMWare ESX Server 3.0.3 ESX303-200905401-SG
VMWare ESX Server 3.0.3 ESX303-200812406-BG
VMWare ESX Server 3.0.3
VMWare ESX Server 3.0.3
VMWare ESX Server 3.0.2 ESX-1008420
VMWare ESX Server 3.0.2
VMWare ESX Server 3.0.1
VMWare ESX Server 3.0
VMWare ESX Server 2.5.5 patch 9
VMWare ESX Server 2.5.5 patch 8
VMWare ESX Server 2.5.5 patch 6
VMWare ESX Server 2.5.5 patch 4
VMWare ESX Server 2.5.5 patch 2
VMWare ESX Server 2.5.5 patch 13
VMWare ESX Server 2.5.5 patch 12
VMWare ESX Server 2.5.5 patch 11
VMWare ESX Server 2.5.5 patch 10
VMWare ESX Server 2.5.5
VMWare ESX Server 2.5.4 patch 21
VMWare ESX Server 2.5.4 patch 19
VMWare ESX Server 2.5.4 Patch 17
VMWare ESX Server 2.5.4 Patch 16
VMWare ESX Server 2.5.4 patch 15
VMWare ESX Server 2.5.4 patch 13
VMWare ESX Server 2.5.4 Patch 1
VMWare ESX Server 2.5.4
VMWare ESX Server 2.5.4
VMWare ESX Server 2.5.4
VMWare ESX Server 2.5.4
VMWare ESX Server 2.5.3 Patch 4
VMWare ESX Server 2.5.3
VMWare ESX Server 2.5.3
VMWare ESX Server 2.5.3
VMWare ESX Server 2.5.3
VMWare ESX Server 2.5.3
VMWare ESX Server 2.5.3
VMWare ESX Server 2.5.2
VMWare ESX Server 2.5
VMWare ESX Server 2.1.3 Patch 2
VMWare ESX Server 2.1.3
VMWare ESX Server 2.1.3
VMWare ESX Server 2.1.3
VMWare ESX Server 2.1.3
VMWare ESX Server 2.1.2
VMWare ESX Server 2.1.1
VMWare ESX Server 2.1
VMWare ESX Server 2.0.2 Patch 2
VMWare ESX Server 2.0.2
VMWare ESX Server 2.0.2
VMWare ESX Server 2.0.2
VMWare ESX Server 2.0.2
VMWare ESX Server 2.0.1 build 6403
VMWare ESX Server 2.0.1
VMWare ESX Server 2.0 build 5257
VMWare ESX Server 2.0
VMWare ESX Server 4.0
VMWare ESX Server 4.0
VMWare ESX Server 3.5 ESX350-200906407
VMWare ESX Server 3.5 ESX350-200904401
VMWare ESX Server 3.5
VMWare ESX Server 2.5.5 patch 5
VMWare ESX Server 2.5.3 Patch 2
VMWare ESX Server 2.5.2 Patch 4
VMWare ESX Server 2.1.3 Patch 1
VMWare ESX Server 2.0.2 Patch 1
VMWare ACE 2.5.2 build 156735
VMWare ACE 2.5.2
VMWare ACE 2.5.1
VMWare ACE 2.5 build 118166
Not Vulnerable: VMWare Workstation 6.5.3 build 185404
VMWare Server 2.0.2 Build 203138
VMWare Server 1.0.10 Build 203137
VMWare Player 2.5.3 build 185404
VMWare Fusion 2.0.6 Build 196839
VMWare ESXi Server 4.0 ESXi400-20090940
VMWare ESXi Server 3.5 ESXe350-20091040
VMWare ESX Server 3.0.3 ESX303-200910401-BG
VMWare ESX Server 2.5.5 patch 15
VMWare ESX Server 4.0 ESX400-200909401
VMWare ESX Server 3.5 ESX350-200910401
VMWare ACE 2.5.3 Build 185404
Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/10207.tar.gz (2009-11-22-vmware86.tar.gz)
Products Mentioned
Configuraton 0
Vmware>>Ace >> Version 2.5.0
Vmware>>Ace >> Version 2.5.1
Vmware>>Ace >> Version 2.5.2
Vmware>>Esx >> Version 2.5.5
Vmware>>Esx >> Version 3.0.3
Vmware>>Esx >> Version 3.5
Vmware>>Esx >> Version 4.0
Vmware>>Esxi >> Version 3.5
Vmware>>Esxi >> Version 4.0
Vmware>>Fusion >> Version 2.0
Vmware>>Fusion >> Version 2.0.1
Vmware>>Fusion >> Version 2.0.2
Vmware>>Fusion >> Version 2.0.3
Vmware>>Fusion >> Version 2.0.4
Vmware>>Fusion >> Version 2.0.5
Vmware>>Player >> Version 2.5
- Vmware>>Player >> Version 2.5 (Open CPE detail)
Vmware>>Player >> Version 2.5.1
- Vmware>>Player >> Version 2.5.1 (Open CPE detail)
Vmware>>Player >> Version 2.5.2
- Vmware>>Player >> Version 2.5.2 (Open CPE detail)
Vmware>>Server >> Version 1.0
- Vmware>>Server >> Version 1.0 (Open CPE detail)
Vmware>>Server >> Version 1.0.1
- Vmware>>Server >> Version 1.0.1 (Open CPE detail)
Vmware>>Server >> Version 1.0.2
- Vmware>>Server >> Version 1.0.2 (Open CPE detail)
Vmware>>Server >> Version 1.0.3
- Vmware>>Server >> Version 1.0.3 (Open CPE detail)
Vmware>>Server >> Version 1.0.4
- Vmware>>Server >> Version 1.0.4 (Open CPE detail)
Vmware>>Server >> Version 1.0.5
- Vmware>>Server >> Version 1.0.5 (Open CPE detail)
Vmware>>Server >> Version 1.0.6
- Vmware>>Server >> Version 1.0.6 (Open CPE detail)
Vmware>>Server >> Version 1.0.7
- Vmware>>Server >> Version 1.0.7 (Open CPE detail)
Vmware>>Server >> Version 1.0.8
- Vmware>>Server >> Version 1.0.8 (Open CPE detail)
Vmware>>Server >> Version 1.0.9
- Vmware>>Server >> Version 1.0.9 (Open CPE detail)
Vmware>>Server >> Version 2.0
Vmware>>Server >> Version 2.0
Vmware>>Server >> Version 2.0.1
- Vmware>>Server >> Version 2.0.1 (Open CPE detail)
Vmware>>Workstation >> Version 6.5.0
- Vmware>>Workstation >> Version 6.5.0 (Open CPE detail)
Vmware>>Workstation >> Version 6.5.1
- Vmware>>Workstation >> Version 6.5.1 (Open CPE detail)
Vmware>>Workstation >> Version 6.5.2
- Vmware>>Workstation >> Version 6.5.2 (Open CPE detail)
Références
http://lists.vmware.com/pipermail/security-announce/2009/000069.html
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8473
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
http://www.securityfocus.com/archive/1/507523/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/507539/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
2025©
tesweb SA
