CVE-2008-1362

high

VMware

CVSS v3 Base Score

7.2

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS Score

0.0%

Exploitation probability in 30 days

Top 90% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: March 20, 2008 (6629 days ago)

Last Modified: April 23, 2026

Vendor: VMware

Source: NVD

Description

VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an "insecurely created named pipe," a different vulnerability than CVE-2008-1361.

CWE

CWE-264

Affected Products

vmware acevmware playervmware servervmware vmware servervmware vmware workstationvmware workstation

References

🔗 lists.vmware.com 🔗 security.gentoo.org 🔗 securityreason.com 🔗 securitytracker.com 🔗 www.securityfocus.com

CVE-2008-1362

Vulnerability Report

Description

CWE

Affected Products

References