CVE-2008-2100

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 5.x through 6.x VMware Player versions 1.x through 2.x VMware ACE version 2.x VMware Server version 1.x VMware Fusion version 1.x VMware ESXi version 3.5 VMware ESX versions 3.0.1 through 3.5 VIX API versions 1.1.x before 1.1.4 build 93057

Description The issue allows guest OS users to execute arbitrary code on the host OS via unspecified vectors due to multiple buffer overflows in the VIX API.

Recommendations For VMware Workstation versions 5.x through 6.x, update to a version with VIX API 1.1.4 build 93057 or later. For VMware Player versions 1.x through 2.x, update to a version with VIX API 1.1.4 build 93057 or later. For VMware ACE version 2.x, update to a version with VIX API 1.1.4 build 93057 or later. For VMware Server version 1.x, update to a version with VIX API 1.1.4 build 93057 or later. For VMware Fusion version 1.x, update to a version with VIX API 1.1.4 build 93057 or later. For VMware ESXi version 3.5, update to a version with VIX API 1.1.4 build 93057 or later. For VMware ESX versions 3.0.1 through 3.5, update to a version with VIX API 1.1.4 build 93057 or later. For VIX API versions 1.1.x before 1.1.4 build 93057, update to version 1.1.4 build 93057 or later.