Description
Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.
References (11)
Core 11
Core References
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201209-25.xml
Permissions Required vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1744
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1020200
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/42872
Third Party Advisory vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5647
Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2008-0009.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30556
Third Party Advisory vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5081
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/29552
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/493080/100/0/threaded
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/3922
Scores
EPSS
0.0015
EPSS Percentile
35.5%
Details
CWE
CWE-119
Status
published
Products (14)
vmware/ace
1.0 - 1.0.5
vmware/esx
2.5.4
vmware/esx
2.5.5
vmware/esx
3.0.0
vmware/esx
3.0.1
vmware/esx
3.0.2
vmware/esx
3.5
vmware/esx_server
3.0
vmware/esx_server
3.5
vmware/esxi
3.5
... and 4 more
Published
Jun 05, 2008
Tracked Since
Feb 18, 2026