CVE-2013-1406
Summary
| CVE | CVE-2013-1406 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2013-02-11 22:55:00 UTC |
| Updated | 2017-09-19 01:36:00 UTC |
| Description | The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors. |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Microsoft | Windows | All | All | All | All |
| Operating System | Microsoft | Windows | All | All | All | All |
| Operating System | Vmware | Esx | 4.0 | All | All | All |
| Operating System | Vmware | Esx | 4.1 | All | All | All |
| Operating System | Vmware | Esx | 4.0 | All | All | All |
| Operating System | Vmware | Esx | 4.1 | All | All | All |
| Operating System | Vmware | Esxi | 4.0 | All | All | All |
| Operating System | Vmware | Esxi | 4.0 | 1 | All | All |
| Operating System | Vmware | Esxi | 4.0 | 2 | All | All |
| Operating System | Vmware | Esxi | 4.0 | 3 | All | All |
| Operating System | Vmware | Esxi | 4.0 | 4 | All | All |
| Operating System | Vmware | Esxi | 4.1 | All | All | All |
| Operating System | Vmware | Esxi | 4.1 | 1 | All | All |
| Operating System | Vmware | Esxi | 4.1 | 2 | All | All |
| Operating System | Vmware | Esxi | 5.0 | All | All | All |
| Operating System | Vmware | Esxi | 5.0 | 1 | All | All |
| Operating System | Vmware | Esxi | 5.0 | 2 | All | All |
| Operating System | Vmware | Esxi | 5.1 | All | All | All |
| Operating System | Vmware | Esxi | 4.0 | All | All | All |
| Operating System | Vmware | Esxi | 4.0 | 1 | All | All |
| Operating System | Vmware | Esxi | 4.0 | 2 | All | All |
| Operating System | Vmware | Esxi | 4.0 | 3 | All | All |
| Operating System | Vmware | Esxi | 4.0 | 4 | All | All |
| Operating System | Vmware | Esxi | 4.1 | All | All | All |
| Operating System | Vmware | Esxi | 4.1 | 1 | All | All |
| Operating System | Vmware | Esxi | 4.1 | 2 | All | All |
| Operating System | Vmware | Esxi | 5.0 | All | All | All |
| Operating System | Vmware | Esxi | 5.0 | 1 | All | All |
| Operating System | Vmware | Esxi | 5.0 | 2 | All | All |
| Operating System | Vmware | Esxi | 5.1 | All | All | All |
| Application | Vmware | Fusion | 4.1 | All | All | All |
| Application | Vmware | Fusion | 4.1.1 | All | All | All |
| Application | Vmware | Fusion | 4.1.2 | All | All | All |
| Application | Vmware | Fusion | 4.1.3 | All | All | All |
| Application | Vmware | Fusion | 5.0 | All | All | All |
| Application | Vmware | Fusion | 5.0.1 | All | All | All |
| Application | Vmware | Fusion | 4.1 | All | All | All |
| Application | Vmware | Fusion | 4.1.1 | All | All | All |
| Application | Vmware | Fusion | 4.1.2 | All | All | All |
| Application | Vmware | Fusion | 4.1.3 | All | All | All |
| Application | Vmware | Fusion | 5.0 | All | All | All |
| Application | Vmware | Fusion | 5.0.1 | All | All | All |
| Application | Vmware | View | 4.0.0 | All | All | All |
| Application | Vmware | View | 4.0.0 | u2 | All | All |
| Application | Vmware | View | 4.5 | All | All | All |
| Application | Vmware | View | 4.6.0 | All | All | All |
| Application | Vmware | View | 4.6.1 | All | All | All |
| Application | Vmware | View | 5.0 | All | All | All |
| Application | Vmware | View | 5.0.0 | All | All | All |
| Application | Vmware | View | 5.0.0 | u2 | All | All |
| Application | Vmware | View | 5.0.1 | All | All | All |
| Application | Vmware | View | 5.1.0 | All | All | All |
| Application | Vmware | View | 5.1.1 | All | All | All |
| Application | Vmware | View | 4.0.0 | All | All | All |
| Application | Vmware | View | 4.0.0 | u2 | All | All |
| Application | Vmware | View | 4.5 | All | All | All |
| Application | Vmware | View | 4.6.0 | All | All | All |
| Application | Vmware | View | 4.6.1 | All | All | All |
| Application | Vmware | View | 5.0 | All | All | All |
| Application | Vmware | View | 5.0.0 | All | All | All |
| Application | Vmware | View | 5.0.0 | u2 | All | All |
| Application | Vmware | View | 5.0.1 | All | All | All |
| Application | Vmware | View | 5.1.0 | All | All | All |
| Application | Vmware | View | 5.1.1 | All | All | All |
| Application | Vmware | Workstation | 8.0 | All | All | All |
| Application | Vmware | Workstation | 8.0.0.18997 | All | All | All |
| Application | Vmware | Workstation | 8.0.1 | All | All | All |
| Application | Vmware | Workstation | 8.0.1.27038 | All | All | All |
| Application | Vmware | Workstation | 8.0.2 | All | All | All |
| Application | Vmware | Workstation | 8.0.3 | All | All | All |
| Application | Vmware | Workstation | 8.0.4 | All | All | All |
| Application | Vmware | Workstation | 9.0 | All | All | All |
| Application | Vmware | Workstation | 8.0 | All | All | All |
| Application | Vmware | Workstation | 8.0.0.18997 | All | All | All |
| Application | Vmware | Workstation | 8.0.1 | All | All | All |
| Application | Vmware | Workstation | 8.0.1.27038 | All | All | All |
| Application | Vmware | Workstation | 8.0.2 | All | All | All |
| Application | Vmware | Workstation | 8.0.3 | All | All | All |
| Application | Vmware | Workstation | 8.0.4 | All | All | All |
| Application | Vmware | Workstation | 9.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| VMSA-2013-0002.1 | CONFIRM | www.vmware.com | Vendor Advisory |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.