CVE-2008-2097

critical

VMware

CVSS v3 Base Score

9.0

AV:N/AC:L/Au:S/C:C/I:C/A:C

EPSS Score

4.2%

Exploitation probability in 30 days

Top 11% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: June 5, 2008 (6551 days ago)

Last Modified: April 23, 2026

Vendor: VMware

Source: NVD

Description

Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."

CWE

CWE-119

Affected Products

vmware esxvmware esxi

References

🔗 lists.opensuse.org 🔗 secunia.com 🔗 secunia.com 🔗 securityreason.com 🔗 securitytracker.com

CVE-2008-2097

Vulnerability Report

Description

CWE

Affected Products

References