VMware ESX Server / ESXi Multiple Vulnerabilities
Last Update Date:
7 May 2012 12:39
Release Date:
7 May 2012
5591
Views
RISK: High Risk
TYPE: Operating Systems - Embedded OS
Multiple vulnerabilities have been identified in VMware ESX Server and VMware ESXi, which can be exploited by malicious users to escalated privileges, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
- An errors when handling RPC commands can be exploited to cause a crash and potentially execute arbitrary code.
- An error when parsing NFS traffic can be exploited to corrupt memory.
- An error in the virtual floppy device can be exploited to cause an out-of-bounds write.
- An error in the virtual SCSI device can be exploited to cause an out-of-bounds write.
Impact
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
System / Technologies affected
- VMware ESX Server 3.x
- VMware ESX Server 4.x
- VMware ESXi 3.x
- VMware ESXi 4.x
- VMware ESXi 5.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply patch or update
Vulnerability Identifier
Source
Related Link
Share with