CVE-2004-2515

Published: Dec 31, 2004Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Format string vulnerability in VMware Workstation 4.5.2 build-8848, if running with elevated privileges, might allow local users to execute arbitrary code via format string specifiers in command line arguments. NOTE: it is not clear if there are any default or typical circumstances under which VMware would be running with privileges beyond those already available to the attackers, so this might not be a vulnerability.

Affected (1)

Products: Vmware: Workstation

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Vmware Workstation	Version 4.5.2_build_8848

References (8)

http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1320.html

Source: cve@mitre.org

Exploit

http://www.osvdb.org/12169

Source: cve@mitre.org

http://www.securityfocus.com/bid/11737

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/18297

Source: cve@mitre.org

http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1320.html

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.osvdb.org/12169

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/11737

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/18297

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.