Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2098

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2008-2098
Last Modified 14 May 2013 10:41:07
Published 02 Jun 2008 05:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2098

Summary

Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used, allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.

Vulnerable Systems

Application

  • Vmware Ace 2 2.0

  • Vmware Ace 2 2.01

  • Vmware Fusion 1.1

  • Vmware Fusion 1.1.1

  • Vmware Player 2 2.0

  • Vmware Player 2 2.01

  • Vmware Player 2 2.02

  • Vmware Player 2 2.03

  • Vmware Workstation 6.0

  • Vmware Workstation 6.0.1

  • Vmware Workstation 6.0.2

  • Vmware Workstation 6.03


References

XF - vmware-hgfs-bo(42753)

VUPEN - ADV-2008-1707

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0008.html

SECTRACK - 1020148

BUGTRAQ - 20080530 VMSA-2008-0008 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues

SECUNIA - 30476

GENTOO - GLSA-201209-25


Last Updated: 27 May 2016 10:53:48