CVE-2008-1392

Published: Mar 20, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

GLSA-201209-25

vendor-advisory

x_refsource_GENTOO

3755

third-party-advisory

x_refsource_SREASON

vmware-vix-api-unspecified(41551)

vdb-entry

x_refsource_XF

http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html

x_refsource_CONFIRM

http://www.vmware.com/support/player2/doc/releasenotes_player2.html

x_refsource_CONFIRM

http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html

x_refsource_CONFIRM

20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues

mailing-list

x_refsource_BUGTRAQ

[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues

mailing-list

x_refsource_MLIST

http://www.vmware.com/security/advisories/VMSA-2008-0005.html

x_refsource_CONFIRM

28276

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2008-1392

Description

Affected Products

References