Buffer Overflows in VIX API Affecting VMware Products
CVE-2008-2100

Currently unrated

Key Information:

Vendor: Vmware
Status: Fusion; Esx Server; Esxi; Esx
Vendor: CVE Published:; 5 June 2008

What is CVE-2008-2100?

The VIX API, used in various VMware products, is susceptible to multiple buffer overflow vulnerabilities. These flaws allow a user on a guest operating system to execute arbitrary code on the host operating system through unprotected vectors. This could lead to unauthorized access and control, posing significant security risks to environments running affected VMware versions.

References

http://security.gentoo.org/glsa/glsa-201209-25.xml

vendor-advisoryx_refsource_GENTOO

http://www.vupen.com/english/advisories/2008/1744

vdb-entryx_refsource_VUPEN

http://securitytracker.com/id?1020200

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 5, 2008
Vulnerability Reserved
May 7, 2008

Vmware

What is CVE-2008-2100?

References

Timeline