CVE-2008-1340

high VMware
CVSS v3 Base Score
7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C
EPSS Score
1.1%
Exploitation probability in 30 days
Top 22% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
None
Integrity
None
Availability
C
Published: March 20, 2008 (6629 days ago)
Last Modified: April 23, 2026
Vendor: VMware
Source: NVD

Description

Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption."

CWE

CWE-399

Affected Products

vmware acevmware playervmware servervmware vmware servervmware vmware workstationvmware workstation

References

🔗 lists.vmware.com 🔗 security.gentoo.org 🔗 securityreason.com 🔗 securitytracker.com 🔗 www.securityfocus.com