CVE-2008-3692
First published: Wed Sep 03 2008(Updated: )
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware ACE | >=1.0<1.0.7 | |
| VMware ACE | >=2.0<2.0.5 | |
| VMware Player | >=1.0.0<1.0.8 | |
| VMware Player | >=2.0<2.0.5 | |
| VMware Server | <1.0.7 | |
| VMware Workstation and ESXi | >=5.5<5.5.8 | |
| VMware Workstation and ESXi | >=6.0<6.0.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
- http://www.vmware.com/support/ace/doc/releasenotes_ace.html
- http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
- http://www.vmware.com/support/player/doc/releasenotes_player.html
- http://www.vmware.com/support/player2/doc/releasenotes_player2.html
- http://www.vmware.com/support/server/doc/releasenotes_server.html
- http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
- http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
- http://www.securityfocus.com/bid/30934
- http://secunia.com/advisories/31707
- http://secunia.com/advisories/31708
- http://secunia.com/advisories/31709
- http://secunia.com/advisories/31710
- http://www.vmware.com/security/advisories/VMSA-2008-0014.html
- http://www.securitytracker.com/id?1020791
- http://securityreason.com/securityalert/4202
- http://www.vupen.com/english/advisories/2008/2466
- http://www.securityfocus.com/archive/1/495869/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2008-3692?
CVE-2008-3692 is classified as a medium severity vulnerability affecting certain ActiveX controls in various VMware products.
How do I fix CVE-2008-3692?
To fix CVE-2008-3692, update to the latest version of the affected VMware products as specified in the release notes.
What products are affected by CVE-2008-3692?
CVE-2008-3692 affects VMware Workstation, VMware Player, and VMware ACE across various versions.
Is CVE-2008-3692 present in VMware Workstation 6.0.5?
No, CVE-2008-3692 is not present in VMware Workstation version 6.0.5 or later.
What types of vulnerabilities does CVE-2008-3692 represent?
CVE-2008-3692 represents an unspecified vulnerability that can be exploited through ActiveX controls in the affected VMware software.
- agent/references
- agent/remedy
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/vmware
- canonical/vmware ace
- version/vmware ace/1.0
- version/vmware ace/2.0
- canonical/vmware player
- version/vmware player/1.0.0
- version/vmware player/2.0
- canonical/vmware server
- canonical/vmware workstation and esxi
- version/vmware workstation and esxi/5.5
- version/vmware workstation and esxi/6.0