Heap-based Buffer Overflow in VMware Workstation and Related Products
CVE-2008-2098

Currently unrated

Key Information:

Vendor: Vmware
Status: Vmware Player 2; Fusion; Workstation; Ace 2
Vendor: CVE Published:; 2 June 2008

Summary

A heap-based buffer overflow vulnerability exists in the VMware Host Guest File System (HGFS) affecting several VMware products. This weakness is specifically triggered when folder sharing is used, allowing malicious users on the guest operating system to execute arbitrary code on the host operating system through unspecified vectors. The flaw affects VMware Workstation, Player, ACE, and Fusion versions prior to their respective security updates.

References

http://security.gentoo.org/glsa/glsa-201209-25.xml

vendor-advisoryx_refsource_GENTOO

http://www.vmware.com/security/advisories/VMSA-2008-0008....

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/42753

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jun 2, 2008
Vulnerability Reserved
May 7, 2008