ID CVE-2009-1244
Summary Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.
References
Vulnerable Configurations
  • VMWare ACE 1.0
    cpe:2.3:a:vmware:ace:1.0
  • cpe:2.3:a:vmware:ace:1.0.0
    cpe:2.3:a:vmware:ace:1.0.0
  • VMware ACE 1.0.1
    cpe:2.3:a:vmware:ace:1.0.1
  • VMware ACE 1.0.2
    cpe:2.3:a:vmware:ace:1.0.2
  • VMWare ACE 1.0.3
    cpe:2.3:a:vmware:ace:1.0.3
  • VMware ACE 1.0.4
    cpe:2.3:a:vmware:ace:1.0.4
  • VMware ACE 1.0.5
    cpe:2.3:a:vmware:ace:1.0.5
  • VMware ACE 1.0.6
    cpe:2.3:a:vmware:ace:1.0.6
  • VMware ACE 1.0.7
    cpe:2.3:a:vmware:ace:1.0.7
  • VMWare ACE 2.0
    cpe:2.3:a:vmware:ace:2.0
  • VMware ACE 2.0.1
    cpe:2.3:a:vmware:ace:2.0.1
  • VMware ACE 2.0.2
    cpe:2.3:a:vmware:ace:2.0.2
  • VMware ACE 2.0.3
    cpe:2.3:a:vmware:ace:2.0.3
  • VMware ACE 2.0.4
    cpe:2.3:a:vmware:ace:2.0.4
  • VMware ACE 2.0.5
    cpe:2.3:a:vmware:ace:2.0.5
  • cpe:2.3:a:vmware:ace:2.5.0
    cpe:2.3:a:vmware:ace:2.5.0
  • cpe:2.3:a:vmware:ace:2.5.1
    cpe:2.3:a:vmware:ace:2.5.1
  • cpe:2.3:a:vmware:esx:3.0.2
    cpe:2.3:a:vmware:esx:3.0.2
  • cpe:2.3:a:vmware:esx:3.0.3
    cpe:2.3:a:vmware:esx:3.0.3
  • cpe:2.3:a:vmware:esx:3.5
    cpe:2.3:a:vmware:esx:3.5
  • cpe:2.3:a:vmware:esxi:3.5
    cpe:2.3:a:vmware:esxi:3.5
  • cpe:2.3:a:vmware:fusion:1.0
    cpe:2.3:a:vmware:fusion:1.0
  • cpe:2.3:a:vmware:fusion:1.1
    cpe:2.3:a:vmware:fusion:1.1
  • cpe:2.3:a:vmware:fusion:1.1.1
    cpe:2.3:a:vmware:fusion:1.1.1
  • cpe:2.3:a:vmware:fusion:1.1.2
    cpe:2.3:a:vmware:fusion:1.1.2
  • cpe:2.3:a:vmware:fusion:1.1.3
    cpe:2.3:a:vmware:fusion:1.1.3
  • cpe:2.3:a:vmware:fusion:2.0
    cpe:2.3:a:vmware:fusion:2.0
  • cpe:2.3:a:vmware:fusion:2.0.1
    cpe:2.3:a:vmware:fusion:2.0.1
  • cpe:2.3:a:vmware:fusion:2.0.2
    cpe:2.3:a:vmware:fusion:2.0.2
  • cpe:2.3:a:vmware:fusion:2.0.3
    cpe:2.3:a:vmware:fusion:2.0.3
  • VMware Player 1.0.0
    cpe:2.3:a:vmware:player:1.0.0
  • VMware Player 1.0.1
    cpe:2.3:a:vmware:player:1.0.1
  • VMware Player 1.0.2
    cpe:2.3:a:vmware:player:1.0.2
  • VMware Player 1.0.3
    cpe:2.3:a:vmware:player:1.0.3
  • VMWare Player 1.0.4
    cpe:2.3:a:vmware:player:1.0.4
  • VMware Player 1.0.5
    cpe:2.3:a:vmware:player:1.0.5
  • VMware Player 1.0.6
    cpe:2.3:a:vmware:player:1.0.6
  • VMware Player 1.0.7
    cpe:2.3:a:vmware:player:1.0.7
  • VMware Player 1.0.8
    cpe:2.3:a:vmware:player:1.0.8
  • VMWare Player 2.0
    cpe:2.3:a:vmware:player:2.0
  • VMware Player 2.0.1
    cpe:2.3:a:vmware:player:2.0.1
  • VMware Player 2.0.2
    cpe:2.3:a:vmware:player:2.0.2
  • VMware Player 2.0.3
    cpe:2.3:a:vmware:player:2.0.3
  • VMware Player 2.0.4
    cpe:2.3:a:vmware:player:2.0.4
  • VMware Player 2.0.5
    cpe:2.3:a:vmware:player:2.0.5
  • VMware Player 2.5
    cpe:2.3:a:vmware:player:2.5
  • VMware Player 2.5.1
    cpe:2.3:a:vmware:player:2.5.1
  • VMWare VMware Server 1.0
    cpe:2.3:a:vmware:server:1.0
  • VMWare Server 1.0.1
    cpe:2.3:a:vmware:server:1.0.1
  • VMWare Server 1.0.2
    cpe:2.3:a:vmware:server:1.0.2
  • VMWare Server 1.0.3
    cpe:2.3:a:vmware:server:1.0.3
  • VMWare Server 1.0.4
    cpe:2.3:a:vmware:server:1.0.4
  • VMWare Server 1.0.5
    cpe:2.3:a:vmware:server:1.0.5
  • VMWare Server 1.0.6
    cpe:2.3:a:vmware:server:1.0.6
  • VMWare Server 1.0.7
    cpe:2.3:a:vmware:server:1.0.7
  • VMWare Server 1.0.8
    cpe:2.3:a:vmware:server:1.0.8
  • VMWare Server 1.0.9
    cpe:2.3:a:vmware:server:1.0.9
  • cpe:2.3:a:vmware:server:2.0
    cpe:2.3:a:vmware:server:2.0
  • cpe:2.3:a:vmware:workstation:1.0.1
    cpe:2.3:a:vmware:workstation:1.0.1
  • cpe:2.3:a:vmware:workstation:1.0.2
    cpe:2.3:a:vmware:workstation:1.0.2
  • cpe:2.3:a:vmware:workstation:1.0.4
    cpe:2.3:a:vmware:workstation:1.0.4
  • cpe:2.3:a:vmware:workstation:1.0.5
    cpe:2.3:a:vmware:workstation:1.0.5
  • cpe:2.3:a:vmware:workstation:1.1
    cpe:2.3:a:vmware:workstation:1.1
  • cpe:2.3:a:vmware:workstation:1.1.1
    cpe:2.3:a:vmware:workstation:1.1.1
  • cpe:2.3:a:vmware:workstation:1.1.2
    cpe:2.3:a:vmware:workstation:1.1.2
  • VMWare VMWare 2.0
    cpe:2.3:a:vmware:workstation:2.0
  • VMWare VMWare 2.0.1
    cpe:2.3:a:vmware:workstation:2.0.1
  • VMWare VMWare Workstation 3.2.1 patch1
    cpe:2.3:a:vmware:workstation:3.2.1:patch1
  • VMWare VMWare Workstation 3.4
    cpe:2.3:a:vmware:workstation:3.4
  • VMWare VMWare Workstation 4.0
    cpe:2.3:a:vmware:workstation:4.0
  • VMWare VMWare Workstation 4.0.1
    cpe:2.3:a:vmware:workstation:4.0.1
  • VMWare VMWare Workstation 4.0.2
    cpe:2.3:a:vmware:workstation:4.0.2
  • VMWare VMWare Workstation 4.5.2
    cpe:2.3:a:vmware:workstation:4.5.2
  • VMWare VMWare 5
    cpe:2.3:a:vmware:workstation:5
  • cpe:2.3:a:vmware:workstation:5.0.0
    cpe:2.3:a:vmware:workstation:5.0.0
  • VMWare VMWare 5.5
    cpe:2.3:a:vmware:workstation:5.5
  • cpe:2.3:a:vmware:workstation:5.5.0
    cpe:2.3:a:vmware:workstation:5.5.0
  • VMWare VMWare Workstation 5.5.1
    cpe:2.3:a:vmware:workstation:5.5.1
  • VMWare VMWare 5.5.2
    cpe:2.3:a:vmware:workstation:5.5.2
  • VMWare VMWare 5.5.3
    cpe:2.3:a:vmware:workstation:5.5.3
  • VMWare VMWare 5.5.4
    cpe:2.3:a:vmware:workstation:5.5.4
  • VMWare VMWare 5.5.5
    cpe:2.3:a:vmware:workstation:5.5.5
  • VMWare VMWare 5.5.6
    cpe:2.3:a:vmware:workstation:5.5.6
  • VMWare VMWare 5.5.7
    cpe:2.3:a:vmware:workstation:5.5.7
  • VMWare VMWare 5.5.9
    cpe:2.3:a:vmware:workstation:5.5.8
  • VMWare VMWare 6.0
    cpe:2.3:a:vmware:workstation:6.0
  • VMWare Workstation 6.0.1
    cpe:2.3:a:vmware:workstation:6.0.1
  • VMWare Workstation 6.0.2
    cpe:2.3:a:vmware:workstation:6.0.2
  • VMWare Workstation 6.0.3
    cpe:2.3:a:vmware:workstation:6.0.3
  • VMWare Workstation 6.0.4
    cpe:2.3:a:vmware:workstation:6.0.4
  • VMWare Workstation 6.0.5
    cpe:2.3:a:vmware:workstation:6.0.5
  • cpe:2.3:a:vmware:workstation:6.5
    cpe:2.3:a:vmware:workstation:6.5
  • VMWare Workstation 6.5.1
    cpe:2.3:a:vmware:workstation:6.5.1
CVSS
Base: 6.8 (as of 13-04-2009 - 14:07)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201209-25.NASL
    description The remote host is affected by the vulnerability described in GLSA-201209-25 (VMware Player, Server, Workstation: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in VMware Player, Server, and Workstation. Please review the CVE identifiers referenced below for details. Impact : Local users may be able to gain escalated privileges, cause a Denial of Service, or gain sensitive information. A remote attacker could entice a user to open a specially crafted file, possibly resulting in the remote execution of arbitrary code, or a Denial of Service. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console. Furthermore, guest OS users may be able to execute arbitrary code on the host OS, gain escalated privileges on the guest OS, or cause a Denial of Service (crash the host OS). Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2019-02-07
    plugin id 62383
    published 2012-10-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62383
    title GLSA-201209-25 : VMware Player, Server, Workstation: Multiple vulnerabilities
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2009-0006.NASL
    description a. Host code execution vulnerability from a guest operating system A critical vulnerability in the virtual machine display function might allow a guest operating system to run code on the host. This issue is different from the vulnerability in a guest virtual device driver reported in VMware security advisory VMSA-2009-0005 on 2009-04-03. That vulnerability can cause a potential denial of service and is identified by CVE-2008-4916. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-1244 to this issue.
    last seen 2019-02-21
    modified 2018-08-15
    plugin id 40391
    published 2009-07-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40391
    title VMSA-2009-0006 : VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability
  • NASL family Windows
    NASL id VMWARE_MULTIPLE_VMSA_2009_0005.NASL
    description VMware products installed on the remote host are reportedly affected by multiple vulnerabilities : - A vulnerability in the guest virtual device driver could allow an attacker to use the guest operating system to crash the host operating system. (CVE-2008-3761) - A denial of service vulnerability affects an unspecified IOCTL contained in the 'hcmon.sys' driver. An attacker can exploit this in order to deny service on a Windows- based host. (CVE-2009-1146, CVE-2008-3761) - A privilege escalation vulnerability affects the 'vmci.sys' driver on Windows-based machines. An attacker can exploit this in order to gain escalated privileges on either the host or the guest. (CVE-2009-1147) - The 'VNnc' codec is affected by two heap-based buffer overflow vulnerabilities. An attacker can exploit these to execute arbitrary code on VMware hosted products by tricking a user into opening a malicious file. (CVE-2009-0909, CVE-2009-0910) - A vulnerability in ACE shared folder may allow attackers to enable previously disabled shared ACE folders. This only affects VMware ACE. (CVE-2009-0908) - A remote denial of service vulnerability affects Windows hosts. An attacker can exploit this to crash the affected host. (CVE-2009-0177) - A vulnerability in the virtual machine display function may allow a guest operating system to run code on the host. (CVE-2009-1244) - A vulnerability in VMware Descheduled Time Accounting Service could be exploited to trigger a denial of service condition in Windows-based virtual machines. It should be noted that, this feature is optional, and the vulnerability can be exploited only if the feature is installed, and the affected service is not running in the virtual machine. (CVE-2009-1805)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 36117
    published 2009-04-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36117
    title VMware Products Multiple Vulnerabilities (VMSA-2009-0005/VMSA-2009-0007)
oval via4
accepted 2009-11-09T04:00:34.291-05:00
class vulnerability
contributors
name Michael Wood
organization Hewlett-Packard
definition_extensions
  • comment VMWare ESX Server 3.0.3 is installed
    oval oval:org.mitre.oval:def:6026
  • comment VMWare ESX Server 3.0.2 is installed
    oval oval:org.mitre.oval:def:5613
  • comment VMware ESX Server 3.5.0 is installed
    oval oval:org.mitre.oval:def:5887
description Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.
family unix
id oval:org.mitre.oval:def:6065
status accepted
submitted 2009-09-23T15:39:02.000-04:00
title VMware Multiple Hosted Products Display Function Code Execution Vulnerability
version 4
refmap via4
bid 34471
bugtraq 20090410 VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability
confirm http://www.vmware.com/security/advisories/VMSA-2009-0006.html
gentoo GLSA-201209-25
mlist [security-announce] 20090410 VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability
osvdb 53634
sectrack 1022031
vupen ADV-2009-0944
xf vmware-virtualmachine-code-execution(49834)
Last major update 14-05-2013 - 22:55
Published 13-04-2009 - 12:30
Last modified 30-10-2018 - 12:25
Back to Top