CVE-2013-1406

The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
VendorProductVersion
vmwareworkstation
8.0
vmwareworkstation
8.0.0.18997
vmwareworkstation
8.0.1
vmwareworkstation
8.0.1.27038
vmwareworkstation
8.0.2
vmwareworkstation
8.0.3
vmwareworkstation
8.0.4
vmwareworkstation
9.0
vmwarefusion
4.1
vmwarefusion
4.1.1
vmwarefusion
4.1.2
vmwarefusion
4.1.3
vmwarefusion
5.0
vmwarefusion
5.0.1
vmwareview
4.0.0
vmwareview
4.0.0:u2
vmwareview
4.5
vmwareview
4.6.0
vmwareview
4.6.1
vmwareview
5.0
vmwareview
5.0.0
vmwareview
5.0.0:u2
vmwareview
5.0.1
vmwareview
5.1.0
vmwareview
5.1.1
vmwareesxi
4.0
vmwareesxi
4.0:1
vmwareesxi
4.0:2
vmwareesxi
4.0:3
vmwareesxi
4.0:4
vmwareesxi
4.1
vmwareesxi
4.1:1
vmwareesxi
4.1:2
vmwareesxi
5.0
vmwareesxi
5.0:1
vmwareesxi
5.0:2
vmwareesxi
5.1
vmwareesx
4.0
vmwareesx
4.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.vmware.com/security/advisories/VMSA-2013-0002.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17164
http://www.vmware.com/security/advisories/VMSA-2013-0002.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17164