U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:vmware:server:1.0.1_build_29996:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 26 matching records.
Displaying matches 21 through 26.
Vuln ID Summary CVSS Severity
CVE-2007-4496

Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors.

Published: September 21, 2007; 3:17:00 PM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 6.5 MEDIUM
CVE-2007-4497

Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors.

Published: September 21, 2007; 3:17:00 PM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 5.5 MEDIUM
CVE-2007-5023

Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious "program.exe" file in the C: folder.

Published: September 21, 2007; 3:17:00 PM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 6.9 MEDIUM
CVE-2007-2491

The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.34685 and VMware Server 1.0.1.29996 allows local users to write to arbitrary memory locations via a crafted poke to I/O port 0x1004, triggering a denial of service (virtual machine crash) or other unspecified impact, a related issue to CVE-2007-1337.

Published: May 03, 2007; 8:19:00 PM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2006-3589

vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.

Published: July 21, 2006; 10:03:00 AM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 3.6 LOW
CVE-2006-2662

VMware Server before RC1 does not clear user credentials from memory after a console connection is made, which might allow local attackers to gain privileges.

Published: June 02, 2006; 6:18:00 AM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 4.6 MEDIUM