Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4915

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2008-4915
Last Modified 14 May 2013 10:47:08
Published 10 Nov 2008 09:12:55
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4915

Summary

The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS.

Vulnerable Systems

Application

  • Vmware Ace 1.0

  • Vmware Ace 1.0.1

  • Vmware Ace 1.0.2

  • Vmware Ace 1.0.3

  • Vmware Ace 1.0.4

  • Vmware Ace 1.0.5

  • Vmware Ace 1.0.6

  • Vmware Ace 1.0.7

  • Vmware Ace 2.0

  • Vmware Ace 2.0.1

  • Vmware Ace 2.0.2

  • Vmware Ace 2.0.3

  • Vmware Ace 2.0.4

  • Vmware Ace 2.0.5

  • Vmware Esx 2.5.4

  • Vmware Esx 2.5.5

  • Vmware Esx 3.0.2

  • Vmware Esx 3.0.3

  • Vmware Esx 3.5

  • Vmware Esxi 3.5

  • Vmware Player 1.0

  • Vmware Player 1.0.1

  • Vmware Player 1.0.2

  • Vmware Player 1.0.3

  • Vmware Player 1.0.4

  • Vmware Player 1.0.5

  • Vmware Player 1.0.6

  • Vmware Player 1.0.7

  • Vmware Player 2.0

  • Vmware Player 2.0.1

  • Vmware Player 2.0.2

  • Vmware Player 2.0.3

  • Vmware Player 2.0.4

  • Vmware Server 1.0

  • Vmware Server 1.0.1

  • Vmware Server 1.0.2

  • Vmware Server 1.0.3

  • Vmware Server 1.0.4

  • Vmware Server 1.0.5

  • Vmware Server 1.0.6

  • Vmware Server 1.0.7

  • Vmware Server 1.0.8

  • Vmware Workstation 5

  • Vmware Workstation 5.5

  • Vmware Workstation 5.5.1

  • Vmware Workstation 5.5.2

  • Vmware Workstation 5.5.3

  • Vmware Workstation 5.5.4

  • Vmware Workstation 5.5.5

  • Vmware Workstation 5.5.6

  • Vmware Workstation 5.5.7

  • Vmware Workstation 5.5.8

  • Vmware Workstation 6.0

  • Vmware Workstation 6.0.1

  • Vmware Workstation 6.0.2

  • Vmware Workstation 6.0.3

  • Vmware Workstation 6.0.4

  • Vmware Workstation 6.0.5


References

XF - vmware-cpuhardware-priv-escalation(46415)

VUPEN - ADV-2008-3052

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0018.html

SECTRACK - 1021154

BID - 32168

BUGTRAQ - 20081107 VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues

SECUNIA - 32624

SECUNIA - 32612

MLIST - [Security-announce] 20081106 VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues

GENTOO - GLSA-201209-25


Last Updated: 27 May 2016 11:02:25