CVE-2008-3761
VMware Workstation 6.5.1 - 'hcmon.sys 6.0.0.45731' Local Denial of Service
Severity Score
4.9
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 uses the METHOD_NEITHER communication method for IOCTLs, which allows local users to cause a denial of service via a crafted IOCTL request.
hcmon.sys en VMware Workstation 6.0.0.45731 utiliza el método de comunicación METHOD_NEITHER para IOCTLs, lo cual tiene un impacto desconocido (posiblemente caída) y vectores de ataque locales a través de una petición IOCTL manipulada.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-08-21 CVE Reserved
- 2008-08-21 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://lists.vmware.com/pipermail/security-announce/2009/000054.html | Mailing List | |
| http://seclists.org/fulldisclosure/2009/Apr/0036.html | Mailing List |
|
| http://securityreason.com/securityalert/4177 | Third Party Advisory | |
| http://www.orange-bat.com/adv/2008/adv.08.17.txt | X_refsource_misc | |
| http://www.securityfocus.com/bid/30737 | Vdb Entry | |
| http://www.securityfocus.com/bid/34373 | Vdb Entry | |
| http://www.securitytracker.com/id?1020715 | Vdb Entry | |
| http://www.vmware.com/security/advisories/VMSA-2009-0005.html | X_refsource_confirm | |
| http://www.vupen.com/english/advisories/2009/0944 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/44539 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/6262 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vmware Search vendor "Vmware" | Vmware Workstation Search vendor "Vmware" for product "Vmware Workstation" | 6.0.0.45731 Search vendor "Vmware" for product "Vmware Workstation" and version "6.0.0.45731" | - |
Affected
| ||||||