CVE-2008-2098
Summary
| CVE | CVE-2008-2098 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2008-06-02 21:30:00 UTC |
| Updated | 2018-10-11 20:39:00 UTC |
| Description | Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used, allows guest OS users to execute arbitrary code on the host OS via unspecified vectors. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Vmware | Ace 2 | 2.0 | All | All | All |
| Application | Vmware | Ace 2 | 2.01 | All | All | All |
| Application | Vmware | Ace 2 | 2.0 | All | All | All |
| Application | Vmware | Ace 2 | 2.01 | All | All | All |
| Application | Vmware | Fusion | 1.1 | All | All | All |
| Application | Vmware | Fusion | 1.1.1 | All | All | All |
| Application | Vmware | Fusion | 1.1 | All | All | All |
| Application | Vmware | Fusion | 1.1.1 | All | All | All |
| Application | Vmware | Vmware Player 2 | 2.0 | All | All | All |
| Application | Vmware | Vmware Player 2 | 2.01 | All | All | All |
| Application | Vmware | Vmware Player 2 | 2.02 | All | All | All |
| Application | Vmware | Vmware Player 2 | 2.03 | All | All | All |
| Application | Vmware | Vmware Player 2 | 2.0 | All | All | All |
| Application | Vmware | Vmware Player 2 | 2.01 | All | All | All |
| Application | Vmware | Vmware Player 2 | 2.02 | All | All | All |
| Application | Vmware | Vmware Player 2 | 2.03 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0.1 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0.2 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.03 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0.1 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0.2 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.03 | All | All | All |
| Application | Vmware | Workstation | 6.0 | All | All | All |
| Application | Vmware | Workstation | 6.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| VMware Workstation, Player, ACE, and Fusion Buffer Overflow in HGFS File System Lets Local Users Gain Elevated Privileges - SecurityTracker | SECTRACK | www.securitytracker.com | |
| Gentoo Linux Documentation -- VMware Player, Server, Workstation: Multiple vulnerabilities | GENTOO | security.gentoo.org | |
| VMSA-2008-0008 - VMware | CONFIRM | www.vmware.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Vendor Advisory |
| VMware Products Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.