CVE-2008-1392 Information
Description
The default configuration of VMware Workstation 6.0.2 VMware Player 2.0.x before 2.0.3 and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls which has unknown impact and attack vectors.
Reference
http://lists.vmware.com/pipermail/security-announce/2008/000008.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3755 http://www.securityfocus.com/archive/1/489739/100/0/threaded http://www.securityfocus.com/bid/28276 http://www.vmware.com/security/advisories/VMSA-2008-0005.html http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html http://www.vmware.com/support/player2/doc/releasenotes_player2.html http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html https://exchange.xforce.ibmcloud.com/vulnerabilities/41551
Share on: