CVE-2008-1340

CWE-3993 documents3 sources
Severity
7.1HIGH
EPSS
0.9%
top 23.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Vmware ACEVmware PlayerVmware Server+3 more
Timeline
PublishedMar 20
Latest updateMay 1

Description

Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption."

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages6 packages

NVDvmware/player7 versions+6
NVDvmware/workstation6 versions+5
NVDvmware/vmware_workstation5.5.5, 6.0.1, 6.0.2+2
NVDvmware/ace1.0, 2.0+1
NVDvmware/server1.0.3

Patches

Patch: lists.vmware.comPatch: www.securityfocus.comPatch: www.vmware.com

🔴Vulnerability Details

2
GHSA
GHSA-77qh-qg3x-6q7q: Virtual Machine Communication Interface (VMCI) in VMware Workstation 62022-05-01
CVEList
CVE-2008-1340: Virtual Machine Communication Interface (VMCI) in VMware Workstation 62008-03-20
CVE-2008-1340 (HIGH CVSS 7.1) | Virtual Machine Communication Inter | cvebase.io