Unrated severityNVD Advisory· Published Nov 2, 2009· Updated Apr 23, 2026

CVE-2009-2267

Description

VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0, when Virtual-8086 mode is used, do not properly set the exception code upon a page fault (aka #PF) exception, which allows guest OS users to gain privileges on the guest OS by specifying a crafted value for the cs register.

Affected products

VMware/Ace3 versions
cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*
VMware/Esx4 versions
cpe:2.3:a:vmware:esx:2.5.5:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:vmware:esx:2.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:esx:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:esx:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*
VMware/Esxi2 versions
cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*
VMware/Fusion6 versions
cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:2.0.5:*:*:*:*:*:*:*
VMware/Player3 versions
cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*
VMware/Server13 versions
cpe:2.3:a:vmware:server:1.0:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:vmware:server:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:2.0:rc2:*:*:*:*:*:*
VMware/Workstation3 versions
cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.vmware.com/security/advisories/VMSA-2009-0015.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/36841nvdExploit
lists.vmware.com/pipermail/security-announce/2009/000069.htmlnvdVendor Advisory
secunia.com/advisories/37172nvdVendor Advisory
www.vupen.com/english/advisories/2009/3062nvdVendor Advisory
security.gentoo.org/glsa/glsa-201209-25.xmlnvd
securitytracker.com/idnvd
securitytracker.com/idnvd
www.securityfocus.com/archive/1/507523/100/0/threadednvd
www.securityfocus.com/archive/1/507539/100/0/threadednvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8473nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000