Improper input validation in Vmware Esx
CVE-2010-4297
The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 build 301548; VMware Server 2.0.2; VMware F…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.027 (86.2th percentile) — read the EPSS interpretation.
Affected products
- Vmware Esx — versions 4.0, 3.5, 4.1
- Vmware Esxi — versions 4.0, 3.5, 4.1
- Vmware Fusion — versions 2.0.2, 3.1, 2.0.4
- Vmware Player — versions 2.5.2, 3.1.1, 3.1.2
- Vmware Server — versions 2.0.2
- Vmware Workstation — versions 7.0, 6.5.0, 7.0.1
- N/a — versions n/a
Weakness classification (CWE)
References
- [security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues (mailing-list, x_refsource_MLIST)
- 69590 (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- 45166 (vdb-entry, x_refsource_BID)
- 20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues (mailing-list, x_refsource_BUGTRAQ)
- 42480 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- 1024819 (vdb-entry, x_refsource_SECTRACK)
- 42482 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- ADV-2010-3116 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- 1024820 (vdb-entry, x_refsource_SECTRACK)