製品・ソフトウェアに関する情報

JVN脆弱性詳細

複数の VMware 製品のゲスト仮想デバイスドライバにおけるサービス運用妨害 (DoS) の脆弱性

Title	複数の VMware 製品のゲスト仮想デバイスドライバにおけるサービス運用妨害 (DoS) の脆弱性
Summary	VMware Workstation、VMware Player、VMware ACE、VMware Server、VMware Fusion、VMware ESXi、および VMware ESX のゲスト仮想デバイスドライバには、サービス運用妨害 (ホスト OS クラッシュ) 状態となる脆弱性が存在します。
Possible impacts	ゲスト OS ユーザにより、サービス運用妨害 (ホスト OS クラッシュ) 状態にされる可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	April 3, 2009, midnight
Registration Date	June 26, 2012, 4:02 p.m.
Last Update	June 26, 2012, 4:02 p.m.

CVSS2.0 : 警告
Score	4.6
Vector	AV:L/AC:L/Au:S/C:N/I:N/A:C

Affected System

VMware

VMware ACE 1.0.8 build 125922 未満、2.5.1 およびそれ以前の 2.x

VMware ESX 3.0.2、3.0.3、および 3.5

VMware ESXi 3.5

VMware Player 1.0.9 build 126128 未満、2.5.1 およびそれ以前の 2.x

VMware Server 1.0.8 build 126538 未満の 1.x、2.0.1 build 156745 およびそれ以前の 2.0.x

VMware Workstation 5.5.9 build 126128 未満、6.5.1 およびそれ以前の 6.x

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2008-4916	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4916
National Vulnerability Database (NVD)
2	CVE-2008-4916	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4916

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/CWE.html#CWEnoinfo

ベンダー情報

No	Name	URL
VMware
1	VMSA-2009-0005	http://www.vmware.com/security/advisories/VMSA-2009-0005.html

Change Log

No	Changed Details	Date of change
0	[2012年06月26日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2008-4916

Summary	Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors.
Publication Date	April 7, 2009, 12:30 a.m.
Registration Date	Jan. 29, 2021, 1:44 p.m.
Last Update	Sept. 29, 2017, 10:32 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:emc:vmware_player::::::::
cpe:2.3:a:vmware:vmware_ace:1.0:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.2:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.3:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.4:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.5:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.7:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.8:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.1:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.2:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.3:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.5:::::::*
cpe:2.3:a:vmware:vmware_ace:2.5:::::::*
cpe:2.3:a:vmware:vmware_ace:2.5.1:::::::*
cpe:2.3:a:vmware:vmware_esx:3.0.2:::::::*
cpe:2.3:a:vmware:vmware_esx:3.0.3:::::::*
cpe:2.3:a:vmware:vmware_esx:3.5:::::::*
cpe:2.3:a:vmware:vmware_esxi:3.5:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.0:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.1:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.2:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.3:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.4:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.5:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.6:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.7:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.8:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.9:::::::*
cpe:2.3:a:vmware:vmware_player:1.01:::::::*
cpe:2.3:a:vmware:vmware_player:1.05:::::::*
cpe:2.3:a:vmware:vmware_player:2.0:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.1:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.2:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.3:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.4:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.5:::::::*
cpe:2.3:a:vmware:vmware_player:2.5:::::::*
cpe:2.3:a:vmware:vmware_player:2.5.1:::::::*
cpe:2.3:a:vmware:vmware_server:1.0:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.0:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.1:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.2:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.3:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.4:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.5:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.6:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.7:::::::*
cpe:2.3:a:vmware:vmware_server:1.05:::::::*
cpe:2.3:a:vmware:vmware_server:2.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:4.5.3:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.1:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.2:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.3:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.4:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.5:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.6:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.7:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.8:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.0.45731:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.1:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.2:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.3:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.4:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.4:build_93057::::::
cpe:2.3:a:vmware:vmware_workstation:6.0.5:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.03:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.5:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.5.1:::::::*

Related information, measures and tools

No	URL	refsource
1	http://lists.vmware.com/pipermail/security-announce/2009/000054.html	MLIST
2	http://seclists.org/fulldisclosure/2009/Apr/0036.html	FULLDISC
3	http://security.gentoo.org/glsa/glsa-201209-25.xml	GENTOO
4	http://www.securityfocus.com/bid/34373	BID
5	http://www.securitytracker.com/id?1021973	SECTRACK
6	http://www.vmware.com/security/advisories/VMSA-2009-0005.html	CONFIRM
7	http://www.vupen.com/english/advisories/2009/0944	VUPEN
8	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439	OVAL

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:emc:vmware_player::::::::
cpe:2.3:a:vmware:vmware_ace:1.0:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.2:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.3:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.4:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.5:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.7:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.8:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.1:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.2:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.3:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.5:::::::*
cpe:2.3:a:vmware:vmware_ace:2.5:::::::*
cpe:2.3:a:vmware:vmware_ace:2.5.1:::::::*
cpe:2.3:a:vmware:vmware_esx:3.0.2:::::::*
cpe:2.3:a:vmware:vmware_esx:3.0.3:::::::*
cpe:2.3:a:vmware:vmware_esx:3.5:::::::*
cpe:2.3:a:vmware:vmware_esxi:3.5:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.0:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.1:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.2:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.3:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.4:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.5:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.6:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.7:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.8:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.9:::::::*
cpe:2.3:a:vmware:vmware_player:1.01:::::::*
cpe:2.3:a:vmware:vmware_player:1.05:::::::*
cpe:2.3:a:vmware:vmware_player:2.0:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.1:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.2:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.3:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.4:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.5:::::::*
cpe:2.3:a:vmware:vmware_player:2.5:::::::*
cpe:2.3:a:vmware:vmware_player:2.5.1:::::::*
cpe:2.3:a:vmware:vmware_server:1.0:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.0:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.1:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.2:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.3:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.4:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.5:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.6:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.7:::::::*
cpe:2.3:a:vmware:vmware_server:1.05:::::::*
cpe:2.3:a:vmware:vmware_server:2.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:4.5.3:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.1:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.2:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.3:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.4:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.5:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.6:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.7:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.8:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.0.45731:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.1:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.2:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.3:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.4:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.4:build_93057::::::
cpe:2.3:a:vmware:vmware_workstation:6.0.5:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.03:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.5:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.5.1:::::::*