admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2008/CVE-2008-13xx/CVE-2008-1363.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

248 lines
7.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2008-1363",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-03-20T00:44:00.000",
"lastModified": "2018-11-01T16:24:01.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation of a config.ini file located in an Application Data folder, which can be used for \"hijacking the VMX process.\""
},
{
"lang": "es",
"value": "VMware Workstation versiones 6.0.x anteriores a 6.0.3 y versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 2.0.x anteriores a 2.0.3 y versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 2.0.x anteriores a 2.0.1 y versiones 1.0.x anteriores a 1.0.5, y VMware Server versiones 1.0.x anteriores a 1.0.5 para Windows permite a usuarios locales obtener privilegios mediante una modificaci\u00f3n no especificada del fichero config.ini localizado en la carpeta de Datos de Aplicaci\u00f3n, que puede ser usado para \"secuestrar el proceso VMX\"."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2
},
"baseSeverity": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": true,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0",
"versionEndExcluding": "1.0.5",
"matchCriteriaId": "E913C6E9-454D-4FE7-B22B-F24E194F5CE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0",
"versionEndExcluding": "2.0.1",
"matchCriteriaId": "310A0A72-A709-407D-A68D-24EF59EEC553"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.0.6",
"matchCriteriaId": "841FDCE0-8D59-4AE6-8996-5BFD8736DA86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0",
"versionEndExcluding": "2.0.3",
"matchCriteriaId": "3D86484E-0D38-49BC-9C80-688A83F80345"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0",
"versionEndExcluding": "1.0.5",
"matchCriteriaId": "517722B0-4E12-4A3B-A35B-2A88DA6D30A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.5.6",
"matchCriteriaId": "E6C0BDA4-C4AE-4C91-A8D3-A965CCCE3C2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0",
"versionEndExcluding": "6.0.3",
"matchCriteriaId": "76907A90-590B-4FBA-977E-CCF19F6F405F"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://securityreason.com/securityalert/3755",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://securitytracker.com/id?1019622",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded",
"source": "cve@mitre.org",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/28276",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/0905/references",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41252",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink