CVE-2008-1392
First published: Thu Mar 20 2008(Updated: )
The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows | ||
| VMware ACE | <=2.0 | |
| VMware Player | <=2.0.2 | |
| VMware VMware Workstation | =6.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.vmware.com/pipermail/security-announce/2008/000008.html
- http://www.vmware.com/security/advisories/VMSA-2008-0005.html
- http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
- http://www.vmware.com/support/player2/doc/releasenotes_player2.html
- http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
- http://www.securityfocus.com/bid/28276
- http://securityreason.com/securityalert/3755
- http://security.gentoo.org/glsa/glsa-201209-25.xml
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41551
- http://www.securityfocus.com/archive/1/489739/100/0/threaded
- collector/nvd-historical
- agent/references
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/remedy
- agent/severity
- agent/author
- agent/weakness
- agent/tags
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft windows
- vendor/vmware
- canonical/vmware ace
- version/vmware ace/2.0
- canonical/vmware player
- version/vmware player/2.0.2
- canonical/vmware vmware workstation
- version/vmware vmware workstation/6.0.2