CVE-2008-3892 (GCVE-0-2008-3892)
Vulnerability from cvelistv5
Published
2008-09-03 14:00
Modified
2024-08-07 09:53
Severity ?
CWE
  • n/a
Summary
Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the GuestInfo method in which there is a long string argument, and an assignment of a long string value to the result of this call. NOTE: this may overlap CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, or CVE-2008-3696.
References
cve@mitre.org http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html Third Party Advisory
cve@mitre.org http://secunia.com/advisories/31707 Patch, Third Party Advisory
cve@mitre.org http://secunia.com/advisories/31708 Patch, Third Party Advisory
cve@mitre.org http://secunia.com/advisories/31709 Patch, Third Party Advisory
cve@mitre.org http://secunia.com/advisories/31710 Patch, Third Party Advisory
cve@mitre.org http://securityreason.com/securityalert/4202 Third Party Advisory
cve@mitre.org http://www.securityfocus.com/archive/1/495869/100/0/threaded Third Party Advisory, VDB Entry
cve@mitre.org http://www.securityfocus.com/bid/29503 Third Party Advisory, VDB Entry
cve@mitre.org http://www.securityfocus.com/bid/30934 Third Party Advisory, VDB Entry
cve@mitre.org http://www.vmware.com/support/ace/doc/releasenotes_ace.html Vendor Advisory
cve@mitre.org http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html Vendor Advisory
cve@mitre.org http://www.vmware.com/support/player/doc/releasenotes_player.html Vendor Advisory
cve@mitre.org http://www.vmware.com/support/player2/doc/releasenotes_player2.html Vendor Advisory
cve@mitre.org http://www.vmware.com/support/server/doc/releasenotes_server.html Vendor Advisory
cve@mitre.org http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html Vendor Advisory
cve@mitre.org http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html Vendor Advisory
cve@mitre.org http://www.vupen.com/english/advisories/2008/2466 Third Party Advisory
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/43062 VDB Entry
cve@mitre.org https://www.exploit-db.com/exploits/6345 Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/31707 Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/31708 Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/31709 Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/31710 Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://securityreason.com/securityalert/4202 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/495869/100/0/threaded Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/29503 Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/30934 Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 http://www.vmware.com/support/ace/doc/releasenotes_ace.html Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.vmware.com/support/player/doc/releasenotes_player.html Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.vmware.com/support/player2/doc/releasenotes_player2.html Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.vmware.com/support/server/doc/releasenotes_server.html Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2008/2466 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/43062 VDB Entry
af854a3a-2127-422b-91ae-364da2661108 https://www.exploit-db.com/exploits/6345 Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.632Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
          },
          {
            "name": "6345",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/6345"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
          },
          {
            "name": "vmware-comapi-guestinfo-bo(43062)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43062"
          },
          {
            "name": "31709",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31709"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
          },
          {
            "name": "31710",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31710"
          },
          {
            "name": "30934",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/30934"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
          },
          {
            "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
          },
          {
            "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
          },
          {
            "name": "31707",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31707"
          },
          {
            "name": "31708",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31708"
          },
          {
            "name": "29503",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29503"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
          },
          {
            "name": "4202",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/4202"
          },
          {
            "name": "ADV-2008-2466",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2466"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the GuestInfo method in which there is a long string argument, and an assignment of a long string value to the result of this call.  NOTE: this may overlap CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, or CVE-2008-3696."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
        },
        {
          "name": "6345",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/6345"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
        },
        {
          "name": "vmware-comapi-guestinfo-bo(43062)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43062"
        },
        {
          "name": "31709",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31709"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
        },
        {
          "name": "31710",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31710"
        },
        {
          "name": "30934",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/30934"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
        },
        {
          "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
        },
        {
          "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
        },
        {
          "name": "31707",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31707"
        },
        {
          "name": "31708",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31708"
        },
        {
          "name": "29503",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29503"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
        },
        {
          "name": "4202",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/4202"
        },
        {
          "name": "ADV-2008-2466",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2466"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3892",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the GuestInfo method in which there is a long string argument, and an assignment of a long string value to the result of this call.  NOTE: this may overlap CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, or CVE-2008-3696."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
              "refsource": "MISC",
              "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
            },
            {
              "name": "6345",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/6345"
            },
            {
              "name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
              "refsource": "MISC",
              "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
            },
            {
              "name": "vmware-comapi-guestinfo-bo(43062)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43062"
            },
            {
              "name": "31709",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31709"
            },
            {
              "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
              "refsource": "MISC",
              "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
            },
            {
              "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
              "refsource": "MISC",
              "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
            },
            {
              "name": "31710",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31710"
            },
            {
              "name": "30934",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/30934"
            },
            {
              "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
              "refsource": "MISC",
              "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
            },
            {
              "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
            },
            {
              "name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
              "refsource": "MISC",
              "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
            },
            {
              "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
            },
            {
              "name": "31707",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31707"
            },
            {
              "name": "31708",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31708"
            },
            {
              "name": "29503",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29503"
            },
            {
              "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
              "refsource": "MISC",
              "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
            },
            {
              "name": "4202",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/4202"
            },
            {
              "name": "ADV-2008-2466",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2466"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3892",
    "datePublished": "2008-09-03T14:00:00",
    "dateReserved": "2008-09-03T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.632Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-3892\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-09-03T14:12:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the GuestInfo method in which there is a long string argument, and an assignment of a long string value to the result of this call.  NOTE: this may overlap CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, or CVE-2008-3696.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer en un cierto control ActiveX en el COM API de VMware Workstation 5.5.x versiones anteriores a 5.5.8 build 108000, VMware Workstation 6.0.x versiones anteriores a 6.0.5 build 109488, VMware Player 1.x versiones anteriores a 1.0.8 build 108000, VMware Player 2.x versiones anteriores a 2.0.5 build 109488, VMware ACE 1.x versiones anteriores a 1.0.7 build 108880, VMware ACE 2.x versiones anteriores a 2.0.5 build 109488, and VMware Server versiones anteriores a 1.0.7 build 108231 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del navegador) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una llamada al m\u00e9todo GuestInfo en el cual hay un argumento de cadena largo, y un asignamiento de un valor de cadena largo al resultado de esa llamada.\\r\\nNOTA: esto puede superponerse a CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, o CVE-2008-3696.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0\",\"versionEndExcluding\":\"1.0.7\",\"matchCriteriaId\":\"799650A4-BD6F-40EF-889B-6ED50E05CCA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0\",\"versionEndExcluding\":\"2.0.5\",\"matchCriteriaId\":\"E196532F-3B8D-4DAB-9DBA-FE204D3A07A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndExcluding\":\"1.0.8\",\"matchCriteriaId\":\"B553A95A-C3D3-4A01-80D6-2F656BA26BF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0\",\"versionEndExcluding\":\"2.0.5\",\"matchCriteriaId\":\"F8CD1D7B-2D6F-4D48-8276-5C3285FF7B3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.7\",\"matchCriteriaId\":\"F1BF4289-F9A3-49B8-9641-9F7B0A02F3E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.5.8\",\"matchCriteriaId\":\"6A47F4F7-B457-4F5B-B719-7A5741595456\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0\",\"versionEndExcluding\":\"6.0.5\",\"matchCriteriaId\":\"F2B69FA6-E75A-4EDB-BD6C-41B560AABBC0\"}]}]}],\"references\":[{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/31707\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/31708\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/31709\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/31710\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/4202\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/495869/100/0/threaded\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/29503\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/30934\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vmware.com/support/ace/doc/releasenotes_ace.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vmware.com/support/player/doc/releasenotes_player.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vmware.com/support/player2/doc/releasenotes_player2.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vmware.com/support/server/doc/releasenotes_server.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2466\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/43062\",\"source\":\"cve@mitre.org\",\"tags\":[\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/6345\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/31707\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/31708\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/31709\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/31710\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/4202\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/495869/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/29503\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/30934\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vmware.com/support/ace/doc/releasenotes_ace.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vmware.com/support/player/doc/releasenotes_player.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vmware.com/support/player2/doc/releasenotes_player2.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vmware.com/support/server/doc/releasenotes_server.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2466\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/43062\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/6345\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.