Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2100

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-2100
Last Modified 14 May 2013 10:41:08
Published 05 Jun 2008 04:32:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-2100

Summary

Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.

Vulnerable Systems

Application

  • Vmware Ace 1.0

  • Vmware Ace 1.0.0

  • Vmware Ace 1.0.1

  • Vmware Ace 1.0.2

  • Vmware Ace 1.0.3

  • Vmware Ace 1.0.3 Build 54075

  • Vmware Ace 1.0.4

  • Vmware Ace 1.0.5

  • Vmware Ace 2.0

  • Vmware Ace 2.0.1

  • Vmware Ace 2.0.2

  • Vmware Ace 2.0.3

  • Vmware Esx Server 3.0.0

  • Vmware Esx Server 3.0.1

  • Vmware Esx Server 3.0.2

  • Vmware Esx Server 3.1

  • Vmware Esx Server 3.2

  • Vmware Esx Server 3.3

  • Vmware Esx Server 3.5

  • Vmware Esxi 3.5

  • Vmware Fusion 1.0

  • Vmware Fusion 1.1

  • Vmware Fusion 1.1.1

  • Vmware Player 1.0.0

  • Vmware Player 1.0.1

  • Vmware Player 1.0.2

  • Vmware Player 1.0.3

  • Vmware Player 1.0.4

  • Vmware Player 1.0.5

  • Vmware Player 1.0.6

  • Vmware Player 2.0

  • Vmware Player 2.0.1

  • Vmware Player 2.0.2

  • Vmware Player 2.0.3

  • Vmware Server 1.0.0

  • Vmware Server 1.0.1

  • Vmware Server 1.0.1 Build 29996

  • Vmware Server 1.0.2

  • Vmware Server 1.0.3

  • Vmware Server 1.0.4

  • Vmware Server 1.0.4 Build 56528

  • Vmware Server 1.0.5

  • Vmware Workstation 5.0

  • Vmware Workstation 5.0.0 Build 13124

  • Vmware Workstation 5.5

  • Vmware Workstation 5.5.0

  • Vmware Workstation 5.5.0 Build 13124

  • Vmware Workstation 5.5.1

  • Vmware Workstation 5.5.1 Build 19175

  • Vmware Workstation 5.5.2

  • Vmware Workstation 5.5.3

  • Vmware Workstation 5.5.3 Build 34685

  • Vmware Workstation 5.5.3 Build 42958

  • Vmware Workstation 5.5.4

  • Vmware Workstation 5.5.4 Build 44386

  • Vmware Workstation 5.5.5

  • Vmware Workstation 5.5.5 Build 56455

  • Vmware Workstation 5.5.6

  • Vmware Workstation 6.0

  • Vmware Workstation 6.0.1

  • Vmware Workstation 6.0.1 Build 55017

  • Vmware Workstation 6.0.2

  • Vmware Workstation 6.0.3


References

XF - vmware-vixapi-multiple-unspecified-bo(42872)

VUPEN - ADV-2008-1744

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0009.html

BID - 29552

BUGTRAQ - 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues

SECTRACK - 1020200

SREASON - 3922

SECUNIA - 30556

GENTOO - GLSA-201209-25

Related Patches

VMware VMSA 2008-0009.2 VMware Fusion 2.0.1 Update for Mac (Rev 2)


Last Updated: 27 May 2016 11:02:25