The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.
cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:* versions up to 2.5.1 (inclusive)
cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:* versions up to 2.0.3 (inclusive)
cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:* versions up to 2.5.1 (inclusive)
cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:* versions up to 6.5.1 (inclusive)
|62383||GLSA-201209-25 : VMware Player, Server, Workstation: Multiple vulnerabilities||Nessus||Gentoo Local Security Checks|
|40391||VMSA-2009-0006 : VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability||Nessus||VMware ESX Local Security Checks|
|36117||VMware Products Multiple Vulnerabilities (VMSA-2009-0005/VMSA-2009-0007)||Nessus||Windows|