[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-4279Date: (C)2008-10-06   (M)2023-12-22


The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 3.1
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1020991
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://www.securityfocus.com/archive/1/497041/100/0/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/064860.html
BID-31569
SECUNIA-32157
SECUNIA-32179
SECUNIA-32180
ADV-2008-2740
http://www.vmware.com/security/advisories/VMSA-2008-0016.html
oval:org.mitre.oval:def:5929
vmware-esxesxi-jump-privilege-escalation(45668)

CPE    3
cpe:/a:vmware:player
cpe:/a:vmware:workstation
cpe:/a:vmware:server
CWE    1
CWE-264

© SecPod Technologies