Privilege Escalation in VMware Products due to Virtual-8086 Mode Error
CVE-2009-2267

Currently unrated

Key Information:

Vendor

Vmware
Status
Ace
Player
Fusion
Server
Vendor
CVE Published:
2 November 2009

What is CVE-2009-2267?

VMware products, including Workstation, Player, ACE, and ESXi, are susceptible to a privilege escalation vulnerability when utilizing Virtual-8086 mode. This flaw occurs due to improper handling of page faults, allowing malicious users within the guest operating system to exploit crafted values for the cs register. By doing so, they can gain unauthorized privileges, compromising the security of the virtualized environment. Users are advised to update to the latest versions to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://security.gentoo.org/glsa/glsa-201209-25.xml
vendor-advisoryx_refsource_GENTOO
http://www.vupen.com/english/advisories/2009/3062
vdb-entryx_refsource_VUPEN
http://lists.vmware.com/pipermail/security-announce/2009/...
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.