Rapid7 Vulnerability & Exploit Database

VMware Player: Setting ActiveX killbit (VMSA-2008-0014) (CVE-2008-3693)

Back to Search

VMware Player: Setting ActiveX killbit (VMSA-2008-0014) (CVE-2008-3693)

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
09/03/2008
Created
07/25/2018
Added
11/30/2013
Modified
10/24/2016

Description

Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696.

Solution(s)

  • vmware-player-upgrade-1_0_8
  • vmware-player-upgrade-2_0_5

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;