7.2

CVE-2008-1363

EPSS 0.04%
Veröffentlicht 20.03.2008 00:44:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation of a config.ini file located in an Application Data folder, which can be used for "hijacking the VMX process."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 18

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

VMware ≫ Ace Version >= 1.0 < 1.0.5

Microsoft ≫ Windows

VMware ≫ Ace Version >= 2.0 < 2.0.1

Microsoft ≫ Windows

VMware ≫ Player Version >= 1.0.0 < 1.0.6

Microsoft ≫ Windows

VMware ≫ Player Version >= 2.0 < 2.0.3

Microsoft ≫ Windows

VMware ≫ Server Version >= 1.0 < 1.0.5

Microsoft ≫ Windows

VMware ≫ Workstation Version >= 5.5 < 5.5.6

Microsoft ≫ Windows

VMware ≫ Workstation Version >= 6.0 < 6.0.3

Microsoft ≫ Windows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.1

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://lists.vmware.com/pipermail/security-announce/2008/000008.html

Vendor Advisory

http://www.securityfocus.com/archive/1/489739/100/0/threaded

Third Party Advisory

VDB Entry

http://www.securityfocus.com/bid/28276

Patch

Third Party Advisory

VDB Entry

http://www.vmware.com/security/advisories/VMSA-2008-0005.html

Patch

Vendor Advisory

http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html

Patch

Vendor Advisory

http://www.vmware.com/support/player/doc/releasenotes_player.html

Patch

Vendor Advisory

http://www.vmware.com/support/player2/doc/releasenotes_player2.html

Patch

Vendor Advisory

http://www.vmware.com/support/server/doc/releasenotes_server.html

Patch

Vendor Advisory

http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html

Patch

Vendor Advisory

http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html

Patch

Vendor Advisory

http://www.vupen.com/english/advisories/2008/0905/references

Third Party Advisory

http://security.gentoo.org/glsa/glsa-201209-25.xml

Third Party Advisory

http://securityreason.com/securityalert/3755

Third Party Advisory

http://securitytracker.com/id?1019622

Third Party Advisory

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/41252

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2008-1363

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-1363

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-1363

EUVD