Lucene search

K

[email protected]NVD:CVE-2009-0910

HistoryApr 06, 2009 - 3:30 p.m.

CVE-2009-0910

2009-04-0615:30:04

CWE-119

[email protected]

web.nvd.nist.gov

1

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.057 Low

EPSS

Percentile

93.4%

Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-436.

Affected configurations

NVD

Node

vmwareaceMatch2.5.1

OR

vmwareplayerMatch2.5.1

OR

vmwareserverMatch2.0

OR

vmwareworkstationMatch6.5.1

References

lists.vmware.com/pipermail/security-announce/2009/000054.html

seclists.org/fulldisclosure/2009/Apr/0036.html

security.gentoo.org/glsa/glsa-201209-25.xml

www.securityfocus.com/bid/34373

www.securitytracker.com/id?1021974

www.vmware.com/security/advisories/VMSA-2009-0005.html

www.vupen.com/english/advisories/2009/0944

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5786

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.057 Low

EPSS

Percentile

93.4%

Related for NVD:CVE-2009-0910

prion1 cvelist1 securityvulns3 cve1 openvas6 nessus3 seebug2 vmware1 gentoo1