CVE-2008-4917
VMware ESX 3.0.2-3.5, ESXi 3.5, Workstation <5.5.8, Player <1.0.8, Server <1.0.9 Memory Corruption
Title source: llmDescription
Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption.
References (10)
Core 10
Core References
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201209-25.xml
Patch, Vendor Advisory x_refsource_confirm
http://kb.vmware.com/kb/1006980
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498863/100/0/threaded
Third Party Advisory vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6246
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32965
Vendor Advisory x_refsource_confirm
http://kb.vmware.com/kb/1006986
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498886/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1021301
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1021300
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/32597
Scores
EPSS
0.0007
EPSS Percentile
22.0%
Details
CWE
CWE-399
Status
published
Products (5)
vmware/esx
3.0.2 - 3.5
vmware/esxi
3.5
vmware/player
1.0.0 - 1.0.8
vmware/server
1.0 - 1.0.9
vmware/workstation
5.5 - 5.5.8
Published
Dec 09, 2008
Tracked Since
Feb 18, 2026