Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1244

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2009-1244
Last Modified 14 May 2013 10:55:59
Published 13 Apr 2009 12:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2009-1244

Summary

Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.

Vulnerable Systems

Application

  • Vmware Ace 1.0

  • Vmware Ace 1.0.0

  • Vmware Ace 1.0.1

  • Vmware Ace 1.0.2

  • Vmware Ace 1.0.3

  • Vmware Ace 1.0.4

  • Vmware Ace 1.0.5

  • Vmware Ace 1.0.6

  • Vmware Ace 1.0.7

  • Vmware Ace 2.0

  • Vmware Ace 2.0.1

  • Vmware Ace 2.0.2

  • Vmware Ace 2.0.3

  • Vmware Ace 2.0.4

  • Vmware Ace 2.0.5

  • Vmware Ace 2.5.0

  • Vmware Ace 2.5.1

  • Vmware Esx 3.0.2

  • Vmware Esx 3.0.3

  • Vmware Esx 3.5

  • Vmware Esxi 3.5

  • Vmware Fusion 1.0

  • Vmware Fusion 1.1

  • Vmware Fusion 1.1.1

  • Vmware Fusion 1.1.2

  • Vmware Fusion 1.1.3

  • Vmware Fusion 2.0

  • Vmware Fusion 2.0.1

  • Vmware Fusion 2.0.2

  • Vmware Fusion 2.0.3

  • Vmware Player 1.0

  • Vmware Player 1.0.0

  • Vmware Player 1.0.1

  • Vmware Player 1.0.2

  • Vmware Player 1.0.3

  • Vmware Player 1.0.4

  • Vmware Player 1.0.5

  • Vmware Player 1.0.6

  • Vmware Player 1.0.7

  • Vmware Player 1.0.8

  • Vmware Player 2.0

  • Vmware Player 2.0.1

  • Vmware Player 2.0.2

  • Vmware Player 2.0.3

  • Vmware Player 2.0.4

  • Vmware Player 2.0.5

  • Vmware Player 2.5

  • Vmware Player 2.5.1

  • Vmware Server 1.0

  • Vmware Server 1.0.1

  • Vmware Server 1.0.2

  • Vmware Server 1.0.3

  • Vmware Server 1.0.4

  • Vmware Server 1.0.5

  • Vmware Server 1.0.6

  • Vmware Server 1.0.7

  • Vmware Server 1.0.8

  • Vmware Server 1.0.9

  • Vmware Server 2.0

  • Vmware Workstation 1.0.1

  • Vmware Workstation 1.0.2

  • Vmware Workstation 1.0.4

  • Vmware Workstation 1.0.5

  • Vmware Workstation 1.1

  • Vmware Workstation 1.1.1

  • Vmware Workstation 1.1.2

  • Vmware Workstation 2.0

  • Vmware Workstation 2.0.1

  • Vmware Workstation 3.2.1

  • Vmware Workstation 3.4

  • Vmware Workstation 4.0

  • Vmware Workstation 4.0.1

  • Vmware Workstation 4.0.2

  • Vmware Workstation 4.5.2

  • Vmware Workstation 5

  • Vmware Workstation 5.0.0

  • Vmware Workstation 5.5

  • Vmware Workstation 5.5.0

  • Vmware Workstation 5.5.1

  • Vmware Workstation 5.5.2

  • Vmware Workstation 5.5.3

  • Vmware Workstation 5.5.4

  • Vmware Workstation 5.5.5

  • Vmware Workstation 5.5.6

  • Vmware Workstation 5.5.7

  • Vmware Workstation 5.5.8

  • Vmware Workstation 6.0

  • Vmware Workstation 6.0.1

  • Vmware Workstation 6.0.2

  • Vmware Workstation 6.0.3

  • Vmware Workstation 6.0.4

  • Vmware Workstation 6.0.5

  • Vmware Workstation 6.5

  • Vmware Workstation 6.5.1


References

BID - 34471

MLIST - [security-announce] 20090410 VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability

XF - vmware-virtualmachine-code-execution(49834)

VUPEN - ADV-2009-0944

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2009-0006.html

SECTRACK - 1022031

BUGTRAQ - 20090410 VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability

OSVDB - 53634

GENTOO - GLSA-201209-25


Last Updated: 27 May 2016 11:02:24