CVE-2008-0967

2008-06-0520:32:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2008-0967

vmware

vulnerability

privilege escalation

nvd

linux

esxi

esx

6.4 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file.

CPENameOperatorVersion
vmware:esx_servervmware esx servereq3.3
vmware:playervmware playereq1.0.6
vmware:vmware_servervmware vmware servereq1.0.1
vmware:playervmware playereq2.0.1
vmware:playervmware playereq2.0.2
vmware:playervmware playereq1.0.2
vmware:vmware_workstationvmware vmware workstationeq5.5.6
vmware:esx_servervmware esx servereq3.2
vmware:workstationvmware workstationeq6.0
vmware:vmware_workstationvmware vmware workstationeq5.5.5

CPE	Name	Operator	Version
vmware:esx_server	vmware esx server	eq	3.3
vmware:player	vmware player	eq	1.0.6
vmware:vmware_server	vmware vmware server	eq	1.0.1
vmware:player	vmware player	eq	2.0.1
vmware:player	vmware player	eq	2.0.2
vmware:player	vmware player	eq	1.0.2
vmware:vmware_workstation	vmware vmware workstation	eq	5.5.6
vmware:esx_server	vmware esx server	eq	3.2
vmware:workstation	vmware workstation	eq	6.0
vmware:vmware_workstation	vmware vmware workstation	eq	5.5.5