CVE-2008-4917

CWE-3993 documents3 sources

Severity

7.2HIGH

EPSS

0.1%

top 77.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware ESX Vmware Player Vmware Server +2 more

Timeline

PublishedDec 9

Latest updateMay 14

Description

Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages5 packages

▶NVDvmware/player1.0.0 — 1.0.8+1

▶NVDvmware/server1.0 — 1.0.9

▶NVDvmware/workstation5.5 — 5.5.8+1

▶NVDvmware/esxi3.5

▶NVDvmware/esx3.0.2 — 3.5

Patches

Patch: kb.vmware.com ↗Patch: kb.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-46c6-67jv-855j: Unspecified vulnerability in VMware Workstation 5↗2022-05-14

▶

CVEList

CVE-2008-4917: Unspecified vulnerability in VMware Workstation 5↗2008-12-09

▶