VMware ESX and vMA Multiple Vulnerabilities
Last Update Date:
28 Jan 2011
Release Date:
8 Jan 2010
5488
Views
RISK: Medium Risk
Multiple vulnerabilities have been identified in VMware ESX and vMA, which could be exploited by attackers to manipulate or disclose certain data, bypass security restrictions or compromise a vulnerable system. These issues are caused by errors in NSS and NSPR.
Impact
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- VMware ESX version 4.0
- VMware vMA version 4.0
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- VMware ESX 4.0
Apply ESX400-200912403-SG - VMware vMA (RHEL5)
A patch is still pending.
Vulnerability Identifier
- CVE-2009-1563
- CVE-2009-2404
- CVE-2009-2408
- CVE-2009-2409
- CVE-2009-3274
- CVE-2009-3370
- CVE-2009-3372
- CVE-2009-3373
- CVE-2009-3374
- CVE-2009-3375
- CVE-2009-3376
- CVE-2009-3380
- CVE-2009-3382
Source
Related Link
Share with