Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.
2008-06-05T20:32:00.000
2025-04-09T00:30:58.490
Deferred
CVSSv2: 7.2 (HIGH)
AV:L/AC:L/Au:N/C:C/I:C/A:C
3.9
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | vmware | ace | ≤ 1.0.5 | Yes |
| Application | vmware | ace | ≤ 2.0.3 | Yes |
| Application | vmware | esx_server | 3.0 | Yes |
| Application | vmware | esx_server | 3.5 | Yes |
| Application | vmware | esxi | 3.5 | Yes |
| Application | vmware | fusion | ≤ 1.1.1 | Yes |
| Application | vmware | player | ≤ 1.0.6 | Yes |
| Application | vmware | player | ≤ 2.0.3 | Yes |
| Application | vmware | server | ≤ 1.0.5 | Yes |
| Application | vmware | workstation | ≤ 5.5.6 | Yes |
| Application | vmware | workstation | ≤ 6.0.3 | Yes |
| Operating System | vmware | esx | 2.5.4 | Yes |
| Operating System | vmware | esx | 2.5.5 | Yes |
| Operating System | vmware | esx | 3.0.0 | Yes |
| Operating System | vmware | esx | 3.0.1 | Yes |
| Operating System | vmware | esx | 3.0.2 | Yes |
| Operating System | vmware | esx | 3.5 | Yes |