CVE-2008-0967

medium VMware
CVSS v3 Base Score
6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS Score
0.1%
Exploitation probability in 30 days
Top 78% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C
Published: June 5, 2008 (6551 days ago)
Last Modified: April 23, 2026
Vendor: VMware
Source: NVD

Description

Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file.

CWE

NVD-CWE-Other

Affected Products

vmware esx servervmware esxivmware playervmware servervmware vmware servervmware vmware workstationvmware workstationvmware esx

References

🔗 labs.idefense.com 🔗 secunia.com 🔗 security.gentoo.org 🔗 securityreason.com 🔗 securitytracker.com