CVE-2020-3969

HIGH Year: 2020
CVSS v3 Score
7.8
High
CVSS v2 Score
4.4
Medium
Weakness Type
CWE-193
View all →

Vulnerability Description

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible.

Related Vulnerabilities

CVE-2002-0653

HIGH
CVSS:7.8(High)

Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the ...

CWE-1932002

CVE-2002-0844

HIGH
CVSS:7.8(High)

Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code.

CWE-1932002

CVE-2004-0346

HIGH
CVSS:7.8(High)

Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command.

CWE-1932004

CVE-2010-5331

HIGH
CVSS:7.8(High)

In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this ...

CWE-1932010

CVE-2017-9720

HIGH
CVSS:7.8(High)

In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur.

CWE-1932017

CVE-2019-13305

HIGH
CVSS:7.8(High)

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.

CWE-1932019