Vulnerabilities

VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware... (PC1-2009-0898)

Vulnerability chart	Risk level Low Medium High Extreme Severe Warning: security vulnerability level = severe 26 vulnerabilities(-y) found between 28 December, 2005 and 2 November, 2009. VMware Player points to free desktop virtualization software application that... more A vulnerability in an ioctl in hcmon.sys was found in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745.
Remote Access Yes, patch is available Patch is easy to implement

Description:	By using this vulnerability, local users are able to execute a denial of service through unspecified vectors.
Impact:	With the help of such vulnerability, users might be able to break up a service.
Solution:	If users have encountered such type of vulnerability, we recommend to review the latest patch or release notes of the software products.
References:	http://seclists.org/fulldisclosure/2009/Apr/0036.html http://lists.vmware.com/pipermail/security-announce/2009/000054.html http://www.securityfocus.com/bid/34373

CVSS Severity		CVSS Version 2 Metrics:
CVSS v2 Base Score:	4.9 (MEDIUM)	Access Vector:	N/A
Impact Subscore:	6.9	Access Complexity:	Low **NOTE: Access Complexity scored Low due to insufficient information
Exploitability Subscore:	3.9	Authentication:	Not required to exploit
		Impact Type:	Allows disruption of serviceUnknown