CVE-2008-3761

hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 uses the METHOD_NEITHER communication method for IOCTLs, which allows local users to cause a denial of service via a crafted IOCTL request.
Configurations

Configuration 1 (hide)

cpe:2.3:a:vmware:vmware_workstation:6.0.0.45731:*:*:*:*:*:*:*

History

21 Nov 2024, 00:50

Type Values Removed Values Added
References () http://lists.vmware.com/pipermail/security-announce/2009/000054.html - () http://lists.vmware.com/pipermail/security-announce/2009/000054.html -
References () http://seclists.org/fulldisclosure/2009/Apr/0036.html - () http://seclists.org/fulldisclosure/2009/Apr/0036.html -
References () http://securityreason.com/securityalert/4177 - () http://securityreason.com/securityalert/4177 -
References () http://www.orange-bat.com/adv/2008/adv.08.17.txt - () http://www.orange-bat.com/adv/2008/adv.08.17.txt -
References () http://www.securityfocus.com/bid/30737 - () http://www.securityfocus.com/bid/30737 -
References () http://www.securityfocus.com/bid/34373 - () http://www.securityfocus.com/bid/34373 -
References () http://www.securitytracker.com/id?1020715 - () http://www.securitytracker.com/id?1020715 -
References () http://www.vmware.com/security/advisories/VMSA-2009-0005.html - () http://www.vmware.com/security/advisories/VMSA-2009-0005.html -
References () http://www.vupen.com/english/advisories/2009/0944 - () http://www.vupen.com/english/advisories/2009/0944 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/44539 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/44539 -
References () https://www.exploit-db.com/exploits/6262 - () https://www.exploit-db.com/exploits/6262 -

Information

Published : 2008-08-21 17:41

Updated : 2024-11-21 00:50


NVD link : CVE-2008-3761

Mitre link : CVE-2008-3761

CVE.ORG link : CVE-2008-3761


JSON object : View

Products Affected

vmware

  • vmware_workstation
CWE
CWE-20

Improper Input Validation