| CVE |  | CVE-2008-1363 |
| Status | | Candidate |
| Description | | VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation of a config.ini file located in an Application Data folder, which can be used for "hijacking the VMX process." |
| Phase | | Assigned (17.03.2008) |
| SecurityVulns: |  | VMWare applications multiple security vulnerabilities |
| NVD: | | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363 |
| References |  | BID : 28276 |
| | | BUGTRAQ : 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues |
| | | CONFIRM : http://www.vmware.com/security/advisories/VMSA-200... |
| | | CONFIRM : http://www.vmware.com/support/ace2/doc/releasenote... |
| | | CONFIRM : http://www.vmware.com/support/player/doc/releaseno... |
| | | CONFIRM : http://www.vmware.com/support/player2/doc/releasen... |
| | | CONFIRM : http://www.vmware.com/support/server/doc/releaseno... |
| | | CONFIRM : http://www.vmware.com/support/ws55/doc/releasenote... |
| | | CONFIRM : http://www.vmware.com/support/ws6/doc/releasenotes... |
| | | MLIST : [security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues |
| | | SECTRACK : 1019622 |
| | | XF : vmware-config-privilege-escalation(41252) |
