CVE-2008-2098

CWE-119 — Buffer Overflow3 documents3 sources

Severity

6.9MEDIUM

EPSS

0.1%

top 72.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware ACE 2 Vmware Fusion Vmware Vmware Player 2 +2 more

Timeline

PublishedJun 2

Latest updateMay 1

Description

Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used, allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages5 packages

▶NVDvmware/fusion1.1, 1.1.1+1

▶NVDvmware/workstation6.0

▶NVDvmware/vmware_player_24 versions+3

▶NVDvmware/vmware_workstation6.0.1, 6.0.2, 6.03+2

▶NVDvmware/ace_22.0, 2.01+1

🔴Vulnerability Details

GHSA

GHSA-2vrm-6v48-2rqp: Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6↗2022-05-01

▶

CVEList

CVE-2008-2098: Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6↗2008-06-02

▶