{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-05-30T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used, allows guest OS users to execute arbitrary code on the host OS via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "GLSA-201209-25", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0008.html"}, {"name": "vmware-hgfs-bo(42753)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42753"}, {"name": "1020148", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020148"}, {"name": "20080530 VMSA-2008-0008 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/492831/100/0/threaded"}, {"name": "ADV-2008-1707", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1707/references"}, {"name": "30476", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30476"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2098", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used, allows guest OS users to execute arbitrary code on the host OS via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-201209-25", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"}, {"name": "http://www.vmware.com/security/advisories/VMSA-2008-0008.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0008.html"}, {"name": "vmware-hgfs-bo(42753)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42753"}, {"name": "1020148", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020148"}, {"name": "20080530 VMSA-2008-0008 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/492831/100/0/threaded"}, {"name": "ADV-2008-1707", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1707/references"}, {"name": "30476", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30476"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:49:57.643Z"}, "title": "CVE Program Container", "references": [{"name": "GLSA-201209-25", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0008.html"}, {"name": "vmware-hgfs-bo(42753)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42753"}, {"name": "1020148", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020148"}, {"name": "20080530 VMSA-2008-0008 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/492831/100/0/threaded"}, {"name": "ADV-2008-1707", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/1707/references"}, {"name": "30476", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30476"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2098", "datePublished": "2008-06-02T14:00:00", "dateReserved": "2008-05-07T00:00:00", "dateUpdated": "2024-08-07T08:49:57.643Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:ace_2:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8476A347-FBF2-4235-8483-7365BAF700A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:ace_2:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "B7AD3DFD-6211-438F-9483-E82B346DBA19", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:fusion:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3DD1338C-8FC1-40A1-BAE8-B11F4354A0CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:fusion:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AC862199-8AA7-4E5E-BA2B-DF5FC9A056BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vmware_player_2:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BDF5387-1F1B-42AF-B33D-E4392D61D89C", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vmware_player_2:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "6A7B9138-51C8-433D-80B5-70FBB09732DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vmware_player_2:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "5CF74F13-1247-4D40-816A-FF5B2E00FAF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vmware_player_2:2.03:*:*:*:*:*:*:*", "matchCriteriaId": "6B6F83E6-1325-4B96-B253-7B031B5BA563", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.03:*:*:*:*:*:*:*", "matchCriteriaId": "652DCCCA-2C0F-482F-AD1C-F3913BD3430D", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used, allows guest OS users to execute arbitrary code on the host OS via unspecified vectors."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en el VMware Host Guest File System (HGFS) en VMware Workstation versiones 6 anteriores a 6.0.4 build 93057, VMware Player versiones 2 anteriores a 2.0.4 build 93057, VMware ACE versiones 2 anteriores a 2.0.2 build 93057 y VMware Fusion versiones anteriores a 1.1.2 build 87978, cuando el uso compartido de carpetas es utilizado, permite a los usuarios del SO invitado ejecutar c\u00f3digo arbitrario sobre el SO host por medio de vectores no especificados."}], "id": "CVE-2008-2098", "lastModified": "2024-11-21T00:46:05.103", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-06-02T21:30:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30476"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/492831/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1020148"}, {"source": "cve@mitre.org", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0008.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/1707/references"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42753"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30476"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/492831/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1020148"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0008.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/1707/references"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42753"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}