CVE-2015-1044
First published: Thu Jan 29 2015(Updated: )
vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Workstation and ESXi | =10.0 | |
| VMware Workstation and ESXi | =10.0.1 | |
| VMware Workstation and ESXi | =10.0.2 | |
| VMware Workstation and ESXi | =10.0.3 | |
| VMware Workstation and ESXi | =10.0.4 | |
| VMware ESXi | =5.0 | |
| VMware ESXi | =5.0-1 | |
| VMware ESXi | =5.0-2 | |
| VMware ESXi | =5.1 | |
| VMware ESXi | =5.1-1 | |
| VMware ESXi | =5.5 | |
| VMware Player | =6.0 | |
| VMware Player | =6.0.1 | |
| VMware Player | =6.0.2 | |
| VMware Player | =6.0.3 | |
| VMware Player | =6.0.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/62551
- http://secunia.com/advisories/62569
- http://secunia.com/advisories/62669
- http://www.securityfocus.com/bid/72336
- http://www.securitytracker.com/id/1031645
- http://www.securitytracker.com/id/1031646
- http://www.vmware.com/security/advisories/VMSA-2015-0001.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100935
Frequently Asked Questions
What is the severity of CVE-2015-1044?
CVE-2015-1044 has been rated as a medium severity vulnerability due to its ability to cause denial of service on the host OS.
How do I fix CVE-2015-1044?
To fix CVE-2015-1044, upgrade to VMware Workstation 10.0.5 or later, VMware Player 6.0.5 or later, or VMware ESXi 5.5 update 3.
What versions are affected by CVE-2015-1044?
CVE-2015-1044 affects VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi versions 5.0 through 5.5.
What type of attack does CVE-2015-1044 enable?
CVE-2015-1044 allows attackers to execute denial of service attacks against the host operating system.
Is CVE-2015-1044 related to specific VMware products?
Yes, CVE-2015-1044 specifically impacts VMware Workstation, VMware Player, and VMware ESXi software.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/last-modified-date
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/vmware
- canonical/vmware workstation and esxi
- version/vmware workstation and esxi/10.0
- version/vmware workstation and esxi/10.0.1
- version/vmware workstation and esxi/10.0.2
- version/vmware workstation and esxi/10.0.3
- version/vmware workstation and esxi/10.0.4
- canonical/vmware esxi
- version/vmware esxi/5.0
- version/vmware esxi/5.0-1
- version/vmware esxi/5.0-2
- version/vmware esxi/5.1
- version/vmware esxi/5.1-1
- version/vmware esxi/5.5
- canonical/vmware player
- version/vmware player/6.0
- version/vmware player/6.0.1
- version/vmware player/6.0.2
- version/vmware player/6.0.3
- version/vmware player/6.0.4