製品・ソフトウェアに関する情報

JVN脆弱性詳細

複数の VMware 製品の ActiveX コントロールにおける脆弱性

Title	複数の VMware 製品の ActiveX コントロールにおける脆弱性
Summary	複数の VMware 製品の ActiveX コントロールには、詳細不明な脆弱性が存在します。本脆弱性は、CVE-2008-3692、CVE-2008-3693、CVE-2008-3694、CVE-2008-3695 および CVE-2008-3696 とは異なる脆弱性です。
Possible impacts	この脆弱性による影響の詳細は不明です。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Aug. 28, 2008, midnight
Registration Date	Sept. 13, 2010, 3:58 p.m.
Last Update	Sept. 13, 2010, 3:58 p.m.

Affected System

VMware

VMware ACE 1.x

VMware ACE 2.x

VMware Player 1.x

VMware Player 2.x

VMware Server 1.x

VMware Workstation 5.x

VMware Workstation 6.x

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2008-3691	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3691
National Vulnerability Database (NVD)
2	CVE-2008-3691	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3691

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/CWE.html#CWEnoinfo

ベンダー情報

No	Name	URL
Release Notes
1	releasenotes_ace	http://www.vmware.com/support/ace/doc/releasenotes_ace.html
2	releasenotes_ace2	http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
3	releasenotes_player	http://www.vmware.com/support/player/doc/releasenotes_player.html
4	releasenotes_player2	http://www.vmware.com/support/player2/doc/releasenotes_player2.html
5	releasenotes_server	http://www.vmware.com/support/server/doc/releasenotes_server.html
6	releasenotes_ws55	http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
7	releasenotes_ws6	http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
VMware Security Advisories
8	VMSA-2008-0014	http://www.vmware.com/security/advisories/VMSA-2008-0014.html

その他

No	Name	URL
Secunia Advisory
1	SA31707	http://secunia.com/advisories/31707
2	SA31708	http://secunia.com/advisories/31708
3	SA31709	http://secunia.com/advisories/31709
4	SA31710	http://secunia.com/advisories/31710
SecurityFocus
5	30934	http://www.securityfocus.com/bid/30934
SecurityTracker
6	1020791	http://www.securitytracker.com/id?1020791
VUPEN Security
7	VUPEN/ADV-2008-2466	http://www.vupen.com/english/advisories/2008/2466

Change Log

No	Changed Details	Date of change
0	[2010年09月13日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2008-3691

Summary	Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696.
Publication Date	Sept. 3, 2008, 11:12 p.m.
Registration Date	Jan. 29, 2021, 1:40 p.m.
Last Update	Nov. 2, 2018, 12:14 a.m.

Affected software configurations

Related information, measures and tools

No	URL	refsource	タグ
1	http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html	FULLDISC	Third Party Advisory
2	http://secunia.com/advisories/31707	SECUNIA	Patch Third Party Advisory
3	http://secunia.com/advisories/31708	SECUNIA	Patch Third Party Advisory
4	http://secunia.com/advisories/31709	SECUNIA	Patch Third Party Advisory
5	http://secunia.com/advisories/31710	SECUNIA	Patch Third Party Advisory
6	http://securityreason.com/securityalert/4202	SREASON	Third Party Advisory
7	http://www.securityfocus.com/archive/1/495869/100/0/threaded	BUGTRAQ	Third Party Advisory VDB Entry
8	http://www.securityfocus.com/bid/30934	BID	Third Party Advisory VDB Entry
9	http://www.securitytracker.com/id?1020791	SECTRACK	Third Party Advisory VDB Entry
10	http://www.vmware.com/security/advisories/VMSA-2008-0014.html	CONFIRM	Vendor Advisory
11	http://www.vmware.com/support/ace/doc/releasenotes_ace.html	CONFIRM	Vendor Advisory
12	http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html	CONFIRM	Vendor Advisory
13	http://www.vmware.com/support/player/doc/releasenotes_player.html	CONFIRM	Vendor Advisory
14	http://www.vmware.com/support/player2/doc/releasenotes_player2.html	CONFIRM	Vendor Advisory
15	http://www.vmware.com/support/server/doc/releasenotes_server.html	CONFIRM	Vendor Advisory
16	http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html	CONFIRM	Vendor Advisory
17	http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html	CONFIRM	Vendor Advisory
18	http://www.vupen.com/english/advisories/2008/2466	VUPEN	Third Party Advisory

Common Vulnerabilities List