CVE-2009-1244

Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:S/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
VendorProductVersion
vmwareace
𝑥
≤ 2.5.1
vmwareace
1.0
vmwareace
1.0.0
vmwareace
1.0.1
vmwareace
1.0.2
vmwareace
1.0.3
vmwareace
1.0.4
vmwareace
1.0.5
vmwareace
1.0.6
vmwareace
1.0.7
vmwareace
2.0
vmwareace
2.0.1
vmwareace
2.0.2
vmwareace
2.0.3
vmwareace
2.0.4
vmwareace
2.0.5
vmwareace
2.5.0
vmwareesx
3.0.2
vmwareesx
3.0.3
vmwareesx
3.5
vmwareesxi
3.5
vmwarefusion
𝑥
≤ 2.0.3
vmwarefusion
1.0
vmwarefusion
1.1
vmwarefusion
1.1.1
vmwarefusion
1.1.2
vmwarefusion
1.1.3
vmwarefusion
2.0
vmwarefusion
2.0.1
vmwarefusion
2.0.2
vmwareplayer
𝑥
≤ 2.5.1
vmwareplayer
1.0.0
vmwareplayer
1.0.1
vmwareplayer
1.0.2
vmwareplayer
1.0.3
vmwareplayer
1.0.4
vmwareplayer
1.0.5
vmwareplayer
1.0.6
vmwareplayer
1.0.7
vmwareplayer
1.0.8
vmwareplayer
2.0
vmwareplayer
2.0.1
vmwareplayer
2.0.2
vmwareplayer
2.0.3
vmwareplayer
2.0.4
vmwareplayer
2.0.5
vmwareplayer
2.5
vmwareserver
1.0
vmwareserver
1.0.1
vmwareserver
1.0.2
vmwareserver
1.0.3
vmwareserver
1.0.4
vmwareserver
1.0.5
vmwareserver
1.0.6
vmwareserver
1.0.7
vmwareserver
1.0.8
vmwareserver
1.0.9
vmwareserver
2.0
vmwareworkstation
𝑥
≤ 6.5.1
vmwareworkstation
1.0.1
vmwareworkstation
1.0.2
vmwareworkstation
1.0.4
vmwareworkstation
1.0.5
vmwareworkstation
1.1
vmwareworkstation
1.1.1
vmwareworkstation
1.1.2
vmwareworkstation
2.0
vmwareworkstation
2.0.1
vmwareworkstation
3.2.1:patch1
vmwareworkstation
3.4
vmwareworkstation
4.0
vmwareworkstation
4.0.1
vmwareworkstation
4.0.2
vmwareworkstation
4.5.2
vmwareworkstation
5.0.0
vmwareworkstation
5.5
vmwareworkstation
5.5.0
vmwareworkstation
5.5.1
vmwareworkstation
5.5.2
vmwareworkstation
5.5.3
vmwareworkstation
5.5.4
vmwareworkstation
5.5.5
vmwareworkstation
5.5.6
vmwareworkstation
5.5.7
vmwareworkstation
5.5.8
vmwareworkstation
6.0
vmwareworkstation
6.0.1
vmwareworkstation
6.0.2
vmwareworkstation
6.0.3
vmwareworkstation
6.0.4
vmwareworkstation
6.0.5
vmwareworkstation
6.5
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
vmware-player
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
gutsy
dne
dapper
ignored
References
http://lists.vmware.com/pipermail/security-announce/2009/000055.html
http://osvdb.org/53634
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://www.securityfocus.com/archive/1/502615/100/0/threaded
http://www.securityfocus.com/bid/34471
http://www.securitytracker.com/id?1022031
http://www.vmware.com/security/advisories/VMSA-2009-0006.html
http://www.vupen.com/english/advisories/2009/0944
https://exchange.xforce.ibmcloud.com/vulnerabilities/49834
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6065
http://lists.vmware.com/pipermail/security-announce/2009/000055.html
http://osvdb.org/53634
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://www.securityfocus.com/archive/1/502615/100/0/threaded
http://www.securityfocus.com/bid/34471
http://www.securitytracker.com/id?1022031
http://www.vmware.com/security/advisories/VMSA-2009-0006.html
http://www.vupen.com/english/advisories/2009/0944
https://exchange.xforce.ibmcloud.com/vulnerabilities/49834
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6065