7.1

CVE-2008-1340

EPSS 0.94%
Published 20.03.2008 00:44:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption."

Affected products Warnungen 0 Metrics 2 CWE 0 References 16

Data is provided by the National Vulnerability Database (NVD)

VMware ≫ Ace Version1.0

VMware ≫ Ace Version2.0

VMware ≫ Player Version1.0.2

VMware ≫ Player Version1.0.3

VMware ≫ Player Version1.0.4

VMware ≫ Player Version1.0.5

VMware ≫ Player Version2.0

VMware ≫ Player Version2.0.1

VMware ≫ Player Version2.0.2

VMware ≫ Server Version1.0.3

VMware ≫ Vmware Server Version1.0.2

VMware ≫ Vmware Server Version1.0.4

VMware ≫ Vmware Workstation Version5.5.5

VMware ≫ Vmware Workstation Version6.0.1

VMware ≫ Vmware Workstation Version6.0.2

VMware ≫ Workstation Version5.5

VMware ≫ Workstation Version5.5.3_build_34685

VMware ≫ Workstation Version5.5.3_build_42958

VMware ≫ Workstation Version5.5.4

VMware ≫ Workstation Version5.5.4_build_44386

VMware ≫ Workstation Version6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.94%	0.742

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:N/A:C

http://lists.vmware.com/pipermail/security-announce/2008/000008.html

Patch

http://www.securityfocus.com/archive/1/489739/100/0/threaded

http://www.securityfocus.com/bid/28276

Patch

http://www.vmware.com/security/advisories/VMSA-2008-0005.html

Patch

http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html

Patch

http://www.vmware.com/support/player2/doc/releasenotes_player2.html

Patch

http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html

Patch

http://www.vupen.com/english/advisories/2008/0905/references

http://security.gentoo.org/glsa/glsa-201209-25.xml

http://www.securityfocus.com/bid/28289

http://securityreason.com/securityalert/3755

http://securitytracker.com/id?1019624

https://exchange.xforce.ibmcloud.com/vulnerabilities/41250

https://nvd.nist.gov/vuln/detail/CVE-2008-1340

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-1340

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-1340

EUVD