CVE-2008-3693

Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html	Third Party Advisory
http://secunia.com/advisories/31707	Patch Third Party Advisory
http://secunia.com/advisories/31708	Patch Third Party Advisory
http://secunia.com/advisories/31709	Patch Third Party Advisory
http://secunia.com/advisories/31710	Patch Third Party Advisory
http://securityreason.com/securityalert/4202	Third Party Advisory
http://www.securityfocus.com/archive/1/495869/100/0/threaded	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/30934	Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1020791	Third Party Advisory VDB Entry
http://www.vmware.com/security/advisories/VMSA-2008-0014.html	Vendor Advisory
http://www.vmware.com/support/ace/doc/releasenotes_ace.html	Vendor Advisory
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html	Vendor Advisory
http://www.vmware.com/support/player/doc/releasenotes_player.html	Vendor Advisory
http://www.vmware.com/support/player2/doc/releasenotes_player2.html	Vendor Advisory
http://www.vmware.com/support/server/doc/releasenotes_server.html	Vendor Advisory
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html	Vendor Advisory
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html	Vendor Advisory
http://www.vupen.com/english/advisories/2008/2466	Third Party Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html	Third Party Advisory
http://secunia.com/advisories/31707	Patch Third Party Advisory
http://secunia.com/advisories/31708	Patch Third Party Advisory
http://secunia.com/advisories/31709	Patch Third Party Advisory
http://secunia.com/advisories/31710	Patch Third Party Advisory
http://securityreason.com/securityalert/4202	Third Party Advisory
http://www.securityfocus.com/archive/1/495869/100/0/threaded	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/30934	Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1020791	Third Party Advisory VDB Entry
http://www.vmware.com/security/advisories/VMSA-2008-0014.html	Vendor Advisory
http://www.vmware.com/support/ace/doc/releasenotes_ace.html	Vendor Advisory
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html	Vendor Advisory
http://www.vmware.com/support/player/doc/releasenotes_player.html	Vendor Advisory
http://www.vmware.com/support/player2/doc/releasenotes_player2.html	Vendor Advisory
http://www.vmware.com/support/server/doc/releasenotes_server.html	Vendor Advisory
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html	Vendor Advisory
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html	Vendor Advisory
http://www.vupen.com/english/advisories/2008/2466	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:vmware:ace::::::::
	cpe:2.3:a:vmware:ace::::::::
	cpe:2.3:a:vmware:player::::::::
	cpe:2.3:a:vmware:player::::::::
	cpe:2.3:a:vmware:server::::::::
	cpe:2.3:a:vmware:workstation::::::::
	cpe:2.3:a:vmware:workstation::::::::

History

21 Nov 2024, 00:49

Information

Published : 2008-09-03 14:12

Updated : 2025-04-09 00:30

NVD link : CVE-2008-3693

Mitre link : CVE-2008-3693

CVE.ORG link : CVE-2008-3693

JSON object : View

Products Affected

vmware

ace
player
workstation
server

CWE

NVD-CWE-noinfo

{"id": "CVE-2008-3693", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-09-03T14:12:00.000", "references": [{"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/31707", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/31708", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/31709", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/31710", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/4202", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/30934", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1020791", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/2466", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/31707", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/31708", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/31709", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/31710", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/4202", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/30934", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1020791", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/2466", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696."}, {"lang": "es", "value": "Vulnerabilidad no espeficada en un cierto control ActiveX en VMware Workstation 5.5.x versiones anteriores a 5.5.8 build 108000, VMware Workstation 6.0.x versiones anteriores a 6.0.5 build 109488, VMware Player 1.x versiones anteriores a 1.0.8 build 108000, VMware Player 2.x versiones anteriores a 2.0.5 build 109488, VMware ACE 1.x versiones anteriores a 1.0.7 build 108880, VMware ACE 2.x versiones anteriores a 2.0.5 build 109488, y VMware Server before 1.0.7 build 108231 tiene un impacto y vectores de ataque desconocidos, una vulnerabilidad diferente a CVE-2008-3691, CVE-2008-3692, CVE-2008-3694, CVE-2008-3695, y CVE-2008-3696."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "799650A4-BD6F-40EF-889B-6ED50E05CCA8", "versionEndExcluding": "1.0.7", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E196532F-3B8D-4DAB-9DBA-FE204D3A07A9", "versionEndExcluding": "2.0.5", "versionStartIncluding": "2.0"}, {"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B553A95A-C3D3-4A01-80D6-2F656BA26BF3", "versionEndExcluding": "1.0.8", "versionStartIncluding": "1.0.0"}, {"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8CD1D7B-2D6F-4D48-8276-5C3285FF7B3E", "versionEndExcluding": "2.0.5", "versionStartIncluding": "2.0"}, {"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1BF4289-F9A3-49B8-9641-9F7B0A02F3E9", "versionEndExcluding": "1.0.7"}, {"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A47F4F7-B457-4F5B-B719-7A5741595456", "versionEndExcluding": "5.5.8", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2B69FA6-E75A-4EDB-BD6C-41B560AABBC0", "versionEndExcluding": "6.0.5", "versionStartIncluding": "6.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

10.0 /10