CVE-2008-2097Improper Restriction of Operations within the Bounds of a Memory Buffer in Vmware ESX

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
9.0CRITICALNVD
EPSS
4.2%
top 11.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Vmware ESXVmware Esxi
Timeline
PublishedJun 5
Latest updateMay 1

Description

Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages2 packages

NVDvmware/esxi3.5
NVDvmware/esx3.5

🔴Vulnerability Details

2
GHSA
GHSA-g6g5-2whg-2679: Buffer overflow in the openwsman management service in VMware ESXi 32022-05-01
CVEList
CVE-2008-2097: Buffer overflow in the openwsman management service in VMware ESXi 32008-06-05

📋Vendor Advisories

1
Red Hat
CVE-2008-4097: MySQL 5
CVE-2008-2097 — Vmware ESX vulnerability | cvebase