CVE-2008-2099
VMware Workstation 6 < 6.0.4, VMware Player 2 < 2.0.4, VMware ACE 2 < 2.0.2 - Arbitrary Code Execution via VMCI
Title source: llmDescription
Unspecified vulnerability in VMCI in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, and VMware ACE 2 before 2.0.2 build 93057 on Windows allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.
References (7)
Core 7
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2008-0008.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/42757
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1707
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/29443
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/492831/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1020149
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30476
Scores
EPSS
0.0007
EPSS Percentile
21.1%
Details
CWE
CWE-119
Status
published
Products (10)
vmware/ace_2
2.0
vmware/ace_2
2.0.1
vmware/vmware_player_2
2.0
vmware/vmware_player_2
2.0.1
vmware/vmware_player_2
2.0.2
vmware/vmware_player_2
2.0.3
vmware/vmware_workstation
6.0.1
vmware/vmware_workstation
6.0.2
vmware/vmware_workstation
6.0.3
vmware/workstation
6.0
Published
Jun 02, 2008
Tracked Since
Feb 18, 2026