Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-1406

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2013-1406
Last Modified 02 Nov 2013 11:30:59
Published 11 Feb 2013 05:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2013-1406

Summary

The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors.

Vulnerable Systems

Operating System

  • Vmware Esx 4.0

  • Vmware Esx 4.1

  • Vmware Esxi 4.0

  • Vmware Esxi 4.1

  • Vmware Esxi 5.0

  • Vmware Esxi 5.1

Application

  • Vmware Fusion 4.1

  • Vmware Fusion 4.1.1

  • Vmware Fusion 4.1.2

  • Vmware Fusion 4.1.3

  • Vmware Fusion 5.0

  • Vmware Fusion 5.0.1

  • Vmware View 4.0.0

  • Vmware View 4.5

  • Vmware View 4.6.0

  • Vmware View 4.6.1

  • Vmware View 5.0

  • Vmware View 5.0.0

  • Vmware View 5.0.1

  • Vmware View 5.1.0

  • Vmware View 5.1.1

  • Vmware Workstation 8.0

  • Vmware Workstation 8.0.0.18997

  • Vmware Workstation 8.0.1

  • Vmware Workstation 8.0.1.27038

  • Vmware Workstation 8.0.2

  • Vmware Workstation 8.0.3

  • Vmware Workstation 8.0.4

  • Vmware Workstation 9.0


References

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2013-0002.html

Related Patches

VMware VMSA-2013-0002 VMSA-2012-0015 VMware Workstation 8.0.5 for Windows (Update) (All Languages) (See Notes) (Rev 3)

VMware VMSA-2013-0002 VMware Fusion 5.0.2 for Mac (See Notes)

VMware VMSA-2013-0002 VMware Fusion 4.1.4 for Mac (See Notes)

VMware VMSA-2014-0001 VMSA-2013-0002 VMware Workstation 9.0.1 for Windows (Update) (All Languages) (See Notes) (Rev 2)


Last Updated: 27 May 2016 10:58:33