CVE-2013-3519

lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs a crafted memory allocation.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:5.1:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:vmware:workstation:9.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:9.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:9.0.2:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:vmware:player:5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:5.0.2:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:vmware:fusion:5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:5.0.3:*:*:*:*:*:*:*

History

21 Nov 2024, 01:53

Type Values Removed Values Added
References () http://www.vmware.com/security/advisories/VMSA-2013-0014.html - Vendor Advisory () http://www.vmware.com/security/advisories/VMSA-2013-0014.html - Vendor Advisory

Information

Published : 2013-12-04 18:56

Updated : 2024-11-21 01:53


NVD link : CVE-2013-3519

Mitre link : CVE-2013-3519

CVE.ORG link : CVE-2013-3519


JSON object : View

Products Affected

vmware

  • esxi
  • player
  • esx
  • fusion
  • workstation
CWE
CWE-264

Permissions, Privileges, and Access Controls