CVE-2008-0923

CVE-2008-0923 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a "%c0%2e%c0%2e" string.

Learn more about our Cis Benchmark Audit For Vmware.