Privilege Escalation Vulnerability in VMware Workstation and Player
CVE-2008-4279

Currently unrated

Key Information:

Vendor: Vmware
Status: Player; Workstation; Esx; Server
Vendor: CVE Published:; 6 October 2008

Summary

A vulnerability in the CPU hardware emulation for 64-bit guest operating systems in VMware products allows authenticated guest OS users to escalate their privileges. By triggering a specific exception, the virtual CPU can be manipulated to make an indirect jump to a non-canonical address, which can lead to unauthorized access and control over the guest operating system. This flaw affects multiple versions of VMware Workstation, Player, and ESX, making it crucial for users to apply security patches to mitigate potential risks.

References

http://marc.info/?l=bugtraq&m=122331139823057&w=2

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/32157

third-party-advisoryx_refsource_SECUNIA

http://lists.grok.org.uk/pipermail/full-disclosure/2008-O...

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Oct 6, 2008
Vulnerability Reserved
Sep 26, 2008