CVE-2008-1392

The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
VendorProductVersion
vmwareace
𝑥
≤ 2.0
vmwareplayer
𝑥
≤ 2.0.2
vmwarevmware_workstation
6.0.2
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
vmware-player
gutsy
dne
feisty
ignored
edgy
ignored
dapper
ignored
Common Weakness Enumeration
References
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://securityreason.com/securityalert/3755
http://www.securityfocus.com/archive/1/489739/100/0/threaded
http://www.securityfocus.com/bid/28276
http://www.vmware.com/security/advisories/VMSA-2008-0005.html
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/41551
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://securityreason.com/securityalert/3755
http://www.securityfocus.com/archive/1/489739/100/0/threaded
http://www.securityfocus.com/bid/28276
http://www.vmware.com/security/advisories/VMSA-2008-0005.html
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/41551