6.9

CVE-2008-0967

EPSS 0.07%
Veröffentlicht 05.06.2008 20:32:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 15

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

VMware ≫ Esx Server Version2.5.5

VMware ≫ Esx Server Version3.1

VMware ≫ Esx Server Version3.2

VMware ≫ Esx Server Version3.3

VMware ≫ Esx Server Version3.5

VMware ≫ Esxi Version3.5

VMware ≫ Player Version1.0.0

VMware ≫ Player Version1.0.1

VMware ≫ Player Version1.0.2

VMware ≫ Player Version1.0.3

VMware ≫ Player Version1.0.4

VMware ≫ Player Version1.0.5

VMware ≫ Player Version1.0.6

VMware ≫ Player Version2.0

VMware ≫ Player Version2.0.1

VMware ≫ Player Version2.0.2

VMware ≫ Player Version2.0.3

VMware ≫ Server Version1.0.3

VMware ≫ Vmware Server Version1.0.0

VMware ≫ Vmware Server Version1.0.1

VMware ≫ Vmware Server Version1.0.2

VMware ≫ Vmware Server Version1.0.4

VMware ≫ Vmware Server Version1.0.5

VMware ≫ Vmware Workstation Version5.5.0

VMware ≫ Vmware Workstation Version5.5.2

VMware ≫ Vmware Workstation Version5.5.5

VMware ≫ Vmware Workstation Version5.5.6

VMware ≫ Vmware Workstation Version6.0.1

VMware ≫ Vmware Workstation Version6.0.2

VMware ≫ Vmware Workstation Version6.0.3

VMware ≫ Workstation Version5.5.1

VMware ≫ Workstation Version5.5.3

VMware ≫ Workstation Version5.5.4

VMware ≫ Workstation Version6.0

VMware ≫ Esx Version3.0.0

VMware ≫ Esx Version3.0.1

VMware ≫ Esx Version3.0.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.226

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

http://www.securityfocus.com/archive/1/493080/100/0/threaded

http://www.vmware.com/security/advisories/VMSA-2008-0009.html

Vendor Advisory

http://www.vupen.com/english/advisories/2008/1744

Vendor Advisory

http://security.gentoo.org/glsa/glsa-201209-25.xml

http://secunia.com/advisories/30556

Vendor Advisory

http://securityreason.com/securityalert/3922

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713

http://securitytracker.com/id?1020198

http://www.securityfocus.com/bid/29557

https://exchange.xforce.ibmcloud.com/vulnerabilities/42878

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583

https://nvd.nist.gov/vuln/detail/CVE-2008-0967

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-0967

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-0967

EUVD