7.1

CVE-2008-1340

EPSS 0.94%
Veröffentlicht 20.03.2008 00:44:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 16

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

VMware ≫ Ace Version1.0

VMware ≫ Ace Version2.0

VMware ≫ Player Version1.0.2

VMware ≫ Player Version1.0.3

VMware ≫ Player Version1.0.4

VMware ≫ Player Version1.0.5

VMware ≫ Player Version2.0

VMware ≫ Player Version2.0.1

VMware ≫ Player Version2.0.2

VMware ≫ Server Version1.0.3

VMware ≫ Vmware Server Version1.0.2

VMware ≫ Vmware Server Version1.0.4

VMware ≫ Vmware Workstation Version5.5.5

VMware ≫ Vmware Workstation Version6.0.1

VMware ≫ Vmware Workstation Version6.0.2

VMware ≫ Workstation Version5.5

VMware ≫ Workstation Version5.5.3_build_34685

VMware ≫ Workstation Version5.5.3_build_42958

VMware ≫ Workstation Version5.5.4

VMware ≫ Workstation Version5.5.4_build_44386

VMware ≫ Workstation Version6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.94%	0.742

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:N/A:C

http://lists.vmware.com/pipermail/security-announce/2008/000008.html

Patch

http://www.securityfocus.com/archive/1/489739/100/0/threaded

http://www.securityfocus.com/bid/28276

Patch

http://www.vmware.com/security/advisories/VMSA-2008-0005.html

Patch

http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html

Patch

http://www.vmware.com/support/player2/doc/releasenotes_player2.html

Patch

http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html

Patch

http://www.vupen.com/english/advisories/2008/0905/references

http://security.gentoo.org/glsa/glsa-201209-25.xml

http://www.securityfocus.com/bid/28289

http://securityreason.com/securityalert/3755

http://securitytracker.com/id?1019624

https://exchange.xforce.ibmcloud.com/vulnerabilities/41250

https://nvd.nist.gov/vuln/detail/CVE-2008-1340

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-1340

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-1340

EUVD