Search for vulnerabilities
Vulnerability details: VCID-hcwx-gks2-aaaf
Vulnerability ID VCID-hcwx-gks2-aaaf
Aliases CVE-2008-4915
Summary The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-264 Permissions, Privileges, and Access Controls
System Score Found at
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
epss 0.00132 https://api.first.org/data/v1/epss?cve=CVE-2008-4915
cvssv2 6.9 https://nvd.nist.gov/vuln/detail/CVE-2008-4915
Reference id Reference type URL
http://lists.vmware.com/pipermail/security-announce/2008/000042.html
https://api.first.org/data/v1/epss?cve=CVE-2008-4915
http://secunia.com/advisories/32612
http://secunia.com/advisories/32624
http://security.gentoo.org/glsa/glsa-201209-25.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/46415
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6309
http://www.securityfocus.com/archive/1/498138/100/0/threaded
http://www.securityfocus.com/bid/32168
http://www.securitytracker.com/id?1021154
http://www.vmware.com/security/advisories/VMSA-2008-0018.html
http://www.vupen.com/english/advisories/2008/3052
cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:esx:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:esx:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*
CVE-2008-4915 https://nvd.nist.gov/vuln/detail/CVE-2008-4915
GLSA-201209-25 https://security.gentoo.org/glsa/201209-25
No exploits are available.
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2008-4915
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.11115
EPSS Score 0.00046
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.