Vulnerability Details CVE-2008-1361
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.8%
CVSS Severity
CVSS v2 Score 6.8
References
- http://lists.vmware.com/pipermail/security-announce/2008/000008.html
- http://security.gentoo.org/glsa/glsa-201209-25.xml
- http://securityreason.com/securityalert/3755
- http://securitytracker.com/id?1019621
- http://www.securityfocus.com/archive/1/489739/100/0/threaded
- http://www.securityfocus.com/bid/28276
- http://www.vmware.com/security/advisories/VMSA-2008-0005.html
- http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
- http://www.vmware.com/support/player/doc/releasenotes_player.html
- http://www.vmware.com/support/player2/doc/releasenotes_player2.html
- http://www.vmware.com/support/server/doc/releasenotes_server.html
- http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
- http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
- http://www.vupen.com/english/advisories/2008/0905/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41257
- http://lists.vmware.com/pipermail/security-announce/2008/000008.html
- http://security.gentoo.org/glsa/glsa-201209-25.xml
- http://securityreason.com/securityalert/3755
- http://securitytracker.com/id?1019621
- http://www.securityfocus.com/archive/1/489739/100/0/threaded
- http://www.securityfocus.com/bid/28276
- http://www.vmware.com/security/advisories/VMSA-2008-0005.html
- http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
- http://www.vmware.com/support/player/doc/releasenotes_player.html
- http://www.vmware.com/support/player2/doc/releasenotes_player2.html
- http://www.vmware.com/support/server/doc/releasenotes_server.html
- http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
- http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
- http://www.vupen.com/english/advisories/2008/0905/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41257
Products affected by CVE-2008-1361
-
cpe:2.3:a:vmware:ace:1.0
-
cpe:2.3:a:vmware:ace:1.0.1
-
cpe:2.3:a:vmware:ace:1.0.2
-
cpe:2.3:a:vmware:ace:1.0.3
-
cpe:2.3:a:vmware:ace:1.0.4
-
cpe:2.3:a:vmware:ace:2.0
-
cpe:2.3:a:vmware:player:1.0.2
-
cpe:2.3:a:vmware:player:1.0.3
-
cpe:2.3:a:vmware:player:1.0.4
-
cpe:2.3:a:vmware:player:1.0.5
-
cpe:2.3:a:vmware:player:2.0
-
cpe:2.3:a:vmware:player:2.0.1
-
cpe:2.3:a:vmware:player:2.0.2
-
cpe:2.3:a:vmware:server:1.0.3
-
cpe:2.3:a:vmware:vmware_server:1.0.0
-
cpe:2.3:a:vmware:vmware_server:1.0.1
-
cpe:2.3:a:vmware:vmware_server:1.0.2
-
cpe:2.3:a:vmware:vmware_server:1.0.3
-
cpe:2.3:a:vmware:vmware_server:1.0.4
-
cpe:2.3:a:vmware:vmware_workstation:5.5.5
-
cpe:2.3:a:vmware:vmware_workstation:6.0.1
-
cpe:2.3:a:vmware:vmware_workstation:6.0.2
-
cpe:2.3:a:vmware:workstation:5.5
-
cpe:2.3:a:vmware:workstation:5.5.3_build_34685
-
cpe:2.3:a:vmware:workstation:5.5.3_build_42958
-
cpe:2.3:a:vmware:workstation:5.5.4
-
cpe:2.3:a:vmware:workstation:5.5.4_build_44386
-
cpe:2.3:a:vmware:workstation:6.0