CVE-2008-4917

high VMware
CVSS v3 Base Score
7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
0.1%
Exploitation probability in 30 days
Top 78% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: December 9, 2008 (6365 days ago)
Last Modified: April 23, 2026
Vendor: VMware
Source: NVD

Description

Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption.

CWE

CWE-399

Affected Products

vmware esxvmware esxivmware playervmware servervmware workstation

References

🔗 kb.vmware.com 🔗 kb.vmware.com 🔗 secunia.com 🔗 security.gentoo.org 🔗 securitytracker.com