Oval Definition:oval:org.mitre.oval:def:5081
Revision Date:2010-05-17Version:3
Title:VMware Buffer Overflows in VIX API Let Local Users Execute Arbitrary Code
Description:Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2008-2100
Platform(s):VMWare ESX Server 2
VMWare ESX Server 3
Product(s):
Definition Synopsis
  • VMWare ESX Server 3.0.2 meets CVE-2008-2100
  • VMWare ESX Server 3.0.2 is installed
  • AND All patches must be installed to not be vulnerable
  • Patch ESX-1004727 is not installed
  • OR Patch ESX-1004821 is not installed
  • OR Patch ESX-1004216 is not installed
  • OR Patch ESX-1004726 is not installed
  • OR Patch ESX-1004722 is not installed
  • OR Patch ESX-1004724 is not installed
  • OR Patch ESX-1004719 is not installed
  • OR Patch ESX-1004219 is not installed
  • OR VMWare ESX Server 3.0.1 meets CVE-2008-2100
  • VMWare ESX Server 3.0.1 is installed
  • AND All patches must be installed to not be vulnerable
  • Patch ESX-1004186 is not installed
  • OR Patch ESX-1004728 is not installed
  • OR Patch ESX-1004725 is not installed
  • OR Patch ESX-1004721 is not installed
  • OR Patch ESX-1004723 is not installed
  • OR Patch ESX-1004190 is not installed
  • OR Patch ESX-1004189 is not installed
  • OR VMWare ESX Server 2.5.5 meets CVE-2008-2100
  • VMWare ESX Server 2.5.5 build 57619 or higher is installed
  • AND VMWare ESX Server 2.5.5 upgrade patch 8 is not installed
  • OR VMWare ESX Server 2.5.4 meets CVE-2008-2100
  • VMWare ESX Server 2.5.4 build 32233 or higher is installed
  • AND VMWare ESX Server 2.5.4 upgrade patch 19 is not installed
    • BACK