CVE-2008-1361

medium

VMware

CVSS v3 Base Score

6.8

AV:L/AC:L/Au:S/C:C/I:C/A:C

EPSS Score

0.0%

Exploitation probability in 30 days

Top 88% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: March 20, 2008 (6629 days ago)

Last Modified: April 23, 2026

Vendor: VMware

Source: NVD

Description

VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362.

CWE

CWE-264

Affected Products

vmware acevmware playervmware servervmware vmware servervmware vmware workstationvmware workstation

References

🔗 lists.vmware.com 🔗 security.gentoo.org 🔗 securityreason.com 🔗 securitytracker.com 🔗 www.securityfocus.com

CVE-2008-1361

Vulnerability Report

Description

CWE

Affected Products

References