Description
hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 uses the METHOD_NEITHER communication method for IOCTLs, which allows local users to cause a denial of service via a crafted IOCTL request.
Exploits (1)
References (11)
Core 11
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44539
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/4177
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2009/Apr/0036.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/30737
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/34373
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1020715
Various Sources x_refsource_misc
http://www.orange-bat.com/adv/2008/adv.08.17.txt
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0944
Various Sources mailing-list
x_refsource_mlist
http://lists.vmware.com/pipermail/security-announce/2009/000054.html
Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2009-0005.html
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/6262
Scores
EPSS
0.0018
EPSS Percentile
39.4%
Details
CWE
CWE-20
Status
published
Products (1)
vmware/vmware_workstation
6.0.0.45731
Published
Aug 21, 2008
Tracked Since
Feb 18, 2026