CVE-2008-2098

Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used, allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.

Published: Jun 2, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-2098
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
vmware / vmware_player_2	2.01	2.01.x
vmware / fusion	1.1	1.1.x
vmware / fusion	1.1.1	1.1.1.x
vmware / vmware_player_2	2.03	2.03.x
vmware / workstation	6.0	6.0.x
vmware / ace_2	2.01	2.01.x
vmware / vmware_player_2	2.0	2.0.x
vmware / vmware_workstation	6.0.2	6.0.2.x
vmware / vmware_player_2	2.02	2.02.x
vmware / vmware_workstation	6.0.1	6.0.1.x
vmware / ace_2	2.0	2.0.x
vmware / vmware_workstation	6.03	6.03.x

http://secunia.com/advisories/30476
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://www.securityfocus.com/archive/1/492831/100/0/threaded
http://www.securitytracker.com/id?1020148
http://www.vmware.com/security/advisories/VMSA-2008-0008.html
http://www.vupen.com/english/advisories/2008/1707/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42753

Vulnerability Database

289,697

CVE-2008-2098