PT-2008-2973 · Vmware · Vmware Player+2

Published

2008-03-20

Updated

2018-10-11

CVE-2008-1392

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions VMware Workstation version 6.0.2 VMware Player versions 2.0.x through 2.0.2 VMware ACE versions 2.0.x through 2.0.0

Description The default configuration of the affected software makes the console of the guest OS accessible through anonymous VIX API calls. The impact and attack vectors of this issue are unknown.

Recommendations For VMware Workstation version 6.0.2, update to a version that addresses this issue. For VMware Player versions 2.0.x through 2.0.2, update to version 2.0.3 or later. For VMware ACE versions 2.0.x through 2.0.0, update to version 2.0.1 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-16

Related Identifiers

CVE-2008-1392

Affected Products

Vmware Ace

Vmware Player

Vmware Workstation

PT-2008-2973 · Vmware · Vmware Player+2

CVE-2008-1392

Weakness Enumeration

Related Identifiers

Affected Products

References · 12