Skip to main content

VMware ESX and vMA Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 8 Jan 2010 5488 Views

RISK: Medium Risk

Multiple vulnerabilities have been identified in VMware ESX and vMA, which could be exploited by attackers to manipulate or disclose certain data, bypass security restrictions or compromise a vulnerable system. These issues are caused by errors in NSS and NSPR.


Impact

  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • VMware ESX version 4.0
  • VMware vMA version 4.0

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • VMware ESX 4.0
    Apply ESX400-200912403-SG
  • VMware vMA (RHEL5)
    A patch is still pending.

Vulnerability Identifier


Source


Related Link