CVE-2008-2100

Vulnerability Description

Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• http://secunia.com/advisories/30556Third Party Advisory
• http://security.gentoo.org/glsa/glsa-201209-25.xmlThird Party Advisory
• http://securityreason.com/securityalert/3922Third Party Advisory
• http://securitytracker.com/id?1020200Third Party AdvisoryVDB Entry
• http://www.securityfocus.com/archive/1/493080/100/0/threadedThird Party AdvisoryVDB Entry
• http://www.securityfocus.com/bid/29552Third Party AdvisoryVDB Entry
• http://www.vmware.com/security/advisories/VMSA-2008-0009.htmlVendor Advisory
• http://www.vupen.com/english/advisories/2008/1744Permissions Required
• https://exchange.xforce.ibmcloud.com/vulnerabilities/42872Third Party AdvisoryVDB Entry
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
• http://secunia.com/advisories/30556Third Party Advisory
• http://security.gentoo.org/glsa/glsa-201209-25.xmlThird Party Advisory
• http://securityreason.com/securityalert/3922Third Party Advisory
• http://securitytracker.com/id?1020200Third Party AdvisoryVDB Entry