CVE-2008-3693

2008-09-0314:12:00

[email protected]

web.nvd.nist.gov

vmware

workstation

player

ace

server

vulnerability

activex

remote attack

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.1%

JSON

Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696.

Affected configurations

NVD

Node

vmwareaceRange1.0–1.0.7

vmwareaceRange2.0–2.0.5

vmwareplayerRange1.0.0–1.0.8

vmwareplayerRange2.0–2.0.5

vmwareserverRange<1.0.7

vmwareworkstationRange5.5–5.5.8

vmwareworkstationRange6.0–6.0.5

CPENameOperatorVersion
vmware:acevmware acelt1.0.7
vmware:acevmware acelt2.0.5
vmware:playervmware playerlt1.0.8
vmware:playervmware playerlt2.0.5
vmware:servervmware serverlt1.0.7
vmware:workstationvmware workstationlt5.5.8
vmware:workstationvmware workstationlt6.0.5

CPE	Name	Operator	Version
vmware:ace	vmware ace	lt	1.0.7
vmware:ace	vmware ace	lt	2.0.5
vmware:player	vmware player	lt	1.0.8
vmware:player	vmware player	lt	2.0.5
vmware:server	vmware server	lt	1.0.7
vmware:workstation	vmware workstation	lt	5.5.8
vmware:workstation	vmware workstation	lt	6.0.5