CVE-2008-4279

Vulnerability Description

The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address.

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/064860.htmlThird Party Advisory
• http://marc.info/?l=bugtraq&m=122331139823057&w=2Mailing ListThird Party Advisory
• http://secunia.com/advisories/32157Third Party Advisory
• http://secunia.com/advisories/32179Third Party Advisory
• http://secunia.com/advisories/32180Third Party Advisory
• http://www.securityfocus.com/archive/1/497041/100/0/threadedThird Party AdvisoryVDB Entry
• http://www.securityfocus.com/bid/31569Third Party AdvisoryVDB Entry
• http://www.securitytracker.com/id?1020991Third Party AdvisoryVDB Entry
• http://www.vmware.com/security/advisories/VMSA-2008-0016.htmlPatchVendor Advisory
• http://www.vupen.com/english/advisories/2008/2740Third Party Advisory
• https://exchange.xforce.ibmcloud.com/vulnerabilities/45668Third Party AdvisoryVDB Entry
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
• http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/064860.htmlThird Party Advisory
• http://marc.info/?l=bugtraq&m=122331139823057&w=2Mailing ListThird Party Advisory
• http://secunia.com/advisories/32157Third Party Advisory