7.2
CVE-2008-2100
- EPSS 0.6%
- Veröffentlicht 05.06.2008 20:32:00
- Zuletzt bearbeitet 16.06.2026 22:53:06
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMware ≫ Esx Server Version3.0
VMware ≫ Esx Server Version3.5
VMware ≫ Workstation Version >= 5.5 <= 5.5.6
VMware ≫ Workstation Version >= 6.0 <= 6.0.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.6% | 0.439 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://www.securityfocus.com/archive/1/493080/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2008-0009.html
http://www.vupen.com/english/advisories/2008/1744
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://secunia.com/advisories/30556
http://securityreason.com/securityalert/3922
http://securitytracker.com/id?1020200
http://www.securityfocus.com/bid/29552
https://exchange.xforce.ibmcloud.com/vulnerabilities/42872
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5081
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5647