{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-02-07T00:00:00", "descriptions": [{"lang": "en", "value": "The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "oval:org.mitre.oval:def:17164", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17164"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2013-0002.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-1406", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "oval:org.mitre.oval:def:17164", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17164"}, {"name": "http://www.vmware.com/security/advisories/VMSA-2013-0002.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2013-0002.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:57:05.143Z"}, "title": "CVE Program Container", "references": [{"name": "oval:org.mitre.oval:def:17164", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17164"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/security/advisories/VMSA-2013-0002.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-1406", "datePublished": "2013-02-11T22:00:00", "dateReserved": "2013-01-19T00:00:00", "dateUpdated": "2024-08-06T14:57:05.143Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "FCE22BB0-F375-4883-BF6C-5A6369694EF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:8.0.0.18997:*:*:*:*:*:*:*", "matchCriteriaId": "01483038-BC89-44BA-B07B-362FC5D7E8C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "AD913295-9302-425A-A9E1-B0DF76AD3069", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:8.0.1.27038:*:*:*:*:*:*:*", "matchCriteriaId": "B671AC17-7064-4541-ADB3-FCD72109C766", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:8.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "51B6CAE2-A396-40C8-8FF0-D9EC64D5C9A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:8.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "21644868-F1B0-4A8E-BE73-4F42BEB8E834", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:8.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "4944D9B1-A48B-4F32-951E-BEC3FEAC45FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "B439F706-27F8-4238-9396-B460EB78B6DC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:fusion:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "F74559CB-6E52-421F-88F3-739913C26C8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:fusion:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4870DAA2-6670-47EF-BF74-6E39B92E75DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:fusion:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "70C64B80-4928-4ABA-AF4E-1977C252BAEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:fusion:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "A8C8358B-4543-431C-B894-BD2CA04AD97C", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:fusion:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4EEF165A-4E09-4FF0-A577-FF429BCCF588", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:fusion:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FDC22BC2-DC74-4322-929C-7F82C083C1C7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:view:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B7952E0E-6986-48BF-865C-189033AEB91E", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:view:4.0.0:u2:*:*:*:*:*:*", "matchCriteriaId": "9D0C4BA2-E018-4C74-B259-E0CE3109A864", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:view:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "4DE652F1-BC10-497D-A244-D893A148483D", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:view:4.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "4346ED63-851E-43E9-933D-7CCAFA43B17B", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:view:4.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "7373CD57-520C-46D9-9728-28E976AA87FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:view:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "08133352-C2AE-4656-8A41-2D054F8DC820", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:view:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0B8E256-7371-4702-96AC-3A72A364D88A", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:view:5.0.0:u2:*:*:*:*:*:*", "matchCriteriaId": "B6E0DE85-7C49-4446-9407-1778F438806B", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:view:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F21D6157-BB2F-4D13-871C-654287765ABC", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:view:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "45F2841C-51B4-49EA-B6F6-8C67525233A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:view:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F1A41C1B-AD58-42DD-8975-3CD6F0A34C15", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:4.0:1:*:*:*:*:*:*", "matchCriteriaId": "0A4E41C0-31FA-47AA-A9BF-B9A6C1D44801", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:4.0:2:*:*:*:*:*:*", "matchCriteriaId": "AF016EE7-083A-4D62-A6D4-2807EB47B6DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:4.0:3:*:*:*:*:*:*", "matchCriteriaId": "8F11844A-3C6C-4AA5-87DC-979AFF62867A", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:4.0:4:*:*:*:*:*:*", "matchCriteriaId": "AC463653-A599-45CF-8EA9-8854D5C59963", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:4.1:1:*:*:*:*:*:*", "matchCriteriaId": "4DC5C2BF-6EC6-436F-A925-469E87249C8A", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:4.1:2:*:*:*:*:*:*", "matchCriteriaId": "7BCE5DA9-BB88-4169-B77C-40B1F98D511A", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:5.0:1:*:*:*:*:*:*", "matchCriteriaId": "7C5A1C2B-119E-49F3-B8E6-0610EE1C445C", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:5.0:2:*:*:*:*:*:*", "matchCriteriaId": "AF29B5A4-6E4C-4EAE-BC6A-0DD44262EE35", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "7217CBE1-3882-4045-A15C-EE7D4174CA00", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors."}, {"lang": "es", "value": "La implementaci\u00f3n en vmci.sys en el Virtual Machine Communication Interface (VMCI) en VMware Workstation v8.x anterior a v8.0.5 y v9.x anterior a v9.0.1 para Windows, VMware Fusion v4.1 anterior a v4.1.4 y 5.0 anterior a v5.0.2, VMware View v4.x anterior a v4.6.2 y v5.x anterior a v5.1.2 para Windows, VMware ESXi v4.0 a la v5.1, y VMware ESX v4.0 y v4.1, no restringe adecuadamente la asignaci\u00f3n de memoria por control c\u00f3digo, lo que permite a usuarios locales elevar sus privilegios a trav\u00e9s de vectores no especificados."}], "id": "CVE-2013-1406", "lastModified": "2017-09-19T01:36:04.763", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-02-11T22:55:01.413", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2013-0002.html"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17164"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}