CVE-2008-1392

N/A Unknown

Published: March 20, 2008 Modified: April 23, 2026

Description

The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.vmware.com/pipermail/security-announce/2008/000008.html

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-201209-25.xml

Source: cve@mitre.org

http://securityreason.com/securityalert/3755

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/489739/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/28276

Source: cve@mitre.org

http://www.vmware.com/security/advisories/VMSA-2008-0005.html

Source: cve@mitre.org

Patch Vendor Advisory

http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html

Source: cve@mitre.org

Patch Vendor Advisory

http://www.vmware.com/support/player2/doc/releasenotes_player2.html

Source: cve@mitre.org

Patch Vendor Advisory

http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/41551

Source: cve@mitre.org

http://lists.vmware.com/pipermail/security-announce/2008/000008.html