Vmware View vulnerabilities

CVE-2013-1406 [HIGH] CWE-20 CVE-2013-1406: The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory al

CVE-2012-5978 [MEDIUM] CWE-22 CVE-2012-5978: Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors.

CVE-2012-1666 [MEDIUM] CVE-2012-1666: Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Playe Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory.

CVE-2012-1509 [HIGH] CWE-119 CVE-2012-1509: Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.

CVE-2012-1508 [HIGH] CWE-264 CVE-2012-1508: The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View be The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

CVE-2012-1510 [HIGH] CWE-119 CVE-2012-1510: Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.

CVE-2012-1511 [MEDIUM] CWE-79 CVE-2012-1511: Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows r Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.