CVE-2008-1392

Currently unrated

Key Information:

Vendor: Vmware
Status: Ace; Player; Vmware Workstation
Vendor: CVE Published:; 20 March 2008

Summary

The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors.

References

http://security.gentoo.org/glsa/glsa-201209-25.xml

vendor-advisoryx_refsource_GENTOO

http://securityreason.com/securityalert/3755

third-party-advisoryx_refsource_SREASON

https://exchange.xforce.ibmcloud.com/vulnerabilities/41551

vdb-entryx_refsource_XF

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 20, 2008
Vulnerability Reserved
Mar 19, 2008