CVE-2014-8370
VMware Player 6.x < 6.0.5 - Privilege Escalation and Arbitrary File Write via Configuration File Modification
Title source: llmDescription
VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file.
References (10)
Core 10
Core References
Third Party Advisory, VDB Entry third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN88252465/index.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1031642
Third Party Advisory, VDB Entry third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007
Patch, Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2015-0001.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62605
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/72338
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/100933
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62551
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1031643
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62669
Scores
EPSS
0.0117
EPSS Percentile
78.9%
Details
CWE
CWE-264
Status
published
Products (18)
vmware/esxi
5.0 (3 CPE variants)
vmware/esxi
5.1 (2 CPE variants)
vmware/esxi
5.5
vmware/fusion
6.0
vmware/fusion
6.0.1
vmware/fusion
6.0.2
vmware/fusion
6.0.3
vmware/fusion
6.0.4
vmware/player
6.0
vmware/player
6.0.1
... and 8 more
Published
Jan 29, 2015
Tracked Since
Feb 18, 2026