Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2515

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-2515
Last Modified 05 Sep 2008 04:44:21
Published 31 Dec 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-2515

Summary

Format string vulnerability in VMware Workstation 4.5.2 build-8848, if running with elevated privileges, might allow local users to execute arbitrary code via format string specifiers in command line arguments. NOTE: it is not clear if there are any default or typical circumstances under which VMware would be running with privileges beyond those already available to the attackers, so this might not be a vulnerability.

Vulnerable Systems

Application

  • Vmware Workstation 4.5.2 Build 8848


References

XF - vmware-format-string(18297)

BID - 11737

OSVDB - 12169

FULLDISC - 20041129 Format string flaw in VMWare Workstation 4.5.2 build-8848.


Last Updated: 27 May 2016 10:39:30