Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8370

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2014-8370
Last Modified 20 Feb 2015 10:01:34
Published 29 Jan 2015 01:59:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-8370

Summary

VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file.

Vulnerable Systems

Operating System

  • Vmware Esxi 5.0

  • Vmware Esxi 5.1

  • Vmware Esxi 5.5

Application

  • Vmware Fusion 6.0

  • Vmware Fusion 6.0.1

  • Vmware Fusion 6.0.2

  • Vmware Fusion 6.0.3

  • Vmware Fusion 6.0.4

  • Vmware Player 6.0

  • Vmware Player 6.0.1

  • Vmware Player 6.0.2

  • Vmware Player 6.0.3

  • Vmware Player 6.0.4

  • Vmware Workstation 10.0

  • Vmware Workstation 10.0.1

  • Vmware Workstation 10.0.2

  • Vmware Workstation 10.0.3

  • Vmware Workstation 10.0.4


References

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2015-0001.html

JVNDB - JVNDB-2015-000007

JVN - JVN#88252465

SECTRACK - 1031643

SECTRACK - 1031642

BID - 72338

SECUNIA - 62669

SECUNIA - 62605

SECUNIA - 62551

XF - vmware-cve20148370-priv-esc(100933)

Related Patches

VMSA-2015-0004 VMware Fusion 6.0.6 for Mac OS X (See Notes) (Rev 3)


Last Updated: 27 May 2016 11:07:44