| Title | 複数の VMware 製品におけるメモリ破損の脆弱性 |
|---|---|
| Summary | 複数の VMware 製品には、仮想ハードウェアのリクエストを送信することにより、任意 physical-memory の書込み操作を誘発され、メモリの破損を引き起こされる脆弱性が存在します。 |
| Possible impacts | ゲスト OS ユーザーにより、メモリの破損を引き起こされる可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | Dec. 2, 2008, midnight |
| Registration Date | Sept. 13, 2010, 4:01 p.m. |
| Last Update | Sept. 13, 2010, 4:01 p.m. |
| CVSS2.0 : 危険 | |
| Score | 7.2 |
|---|---|
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| VMware |
| VMware ACE 1.x |
| VMware ACE 2.0.x |
| VMware ESX 3.0.2 |
| VMware ESX 3.0.3 |
| VMware ESX 3.5 |
| VMware ESXi 3.5 |
| VMware Fusion 1.x |
| VMware Player 1.x |
| VMware Player 2.0.x |
| VMware Server 1.x |
| VMware Workstation 5.x |
| VMware Workstation 6.0.x |
| No | Changed Details | Date of change |
|---|---|---|
| 0 | [2010年09月13日] 掲載 |
Feb. 17, 2018, 10:37 a.m. |
| Summary | Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption. |
|---|---|
| Publication Date | Dec. 9, 2008, 9:30 a.m. |
| Registration Date | Jan. 29, 2021, 1:44 p.m. |
| Last Update | Nov. 2, 2018, 10:44 p.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:vmware:esx:*:*:*:*:*:*:*:* | 3.0.2 | 3.5 | |||
| cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:* | 1.0.0 | 1.0.8 | |||
| cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:* | 2.0 | 2.0.5 | |||
| cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:* | 1.0 | 1.0.9 | |||
| cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:* | 5.5 | 5.5.8 | |||
| cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:* | 6.0 | 6.0.5 | |||