CVE-2008-4279

Name of the Vulnerable Software and Affected Versions: VMware Workstation versions 6.0.x through 6.0.4 VMware Workstation versions 5.x through 5.5.7 VMware Player versions 2.0.x through 2.0.4 VMware Player versions 1.x through 1.0.7 VMware Server versions 1.x through 1.0.6 VMware ESX versions 2.5.4 through 3.5

Description: The issue allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address. This is related to the CPU hardware emulation for 64-bit guest operating systems.

Recommendations: For VMware Workstation versions 6.0.x, update to version 6.0.5 build 109488 or later. For VMware Workstation versions 5.x, update to version 5.5.8 build 108000 or later. For VMware Player versions 2.0.x, update to version 2.0.5 build 109488 or later. For VMware Player versions 1.x, update to version 1.0.8 or later. For VMware Server versions 1.x, update to version 1.0.7 build 108231 or later. For VMware ESX versions 2.5.4 through 3.5, update to a version later than 3.5.