VMware Products Multiple Vulnerabilities
Last Update Date:
25 Feb 2013 15:59
Release Date:
25 Feb 2013
4349
Views
RISK: High Risk
TYPE: Operating Systems - VM Ware
Multiple vulnerabilities have been identified in VMware products, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
- An error in the handling of the NFC (Network File Copy) protocol can be exploited to corrupt memory.
- The products bundle a vulnerable version of OpenSSL.
- The products bundle a vulnerable version of Oracle Java.
Impact
- Denial of Service
- Remote Code Execution
- Information Disclosure
System / Technologies affected
- VMware ESX Server 3.x
- VMware ESX Server 4.x
- VMware ESXi 3.x
- VMware ESXi 4.x
- VMware ESXi 5.x
- VMware vCenter Server 4.x
- VMware vCenter Server 5.x
- VMware VirtualCenter 2.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply patches
Vulnerability Identifier
- CVE-2012-1531
- CVE-2012-1532
- CVE-2012-1533
- CVE-2012-2110
- CVE-2012-3143
- CVE-2012-3159
- CVE-2012-3216
- CVE-2012-4416
- CVE-2012-5067
- CVE-2012-5068
- CVE-2012-5069
- CVE-2012-5070
- CVE-2012-5071
- CVE-2012-5072
- CVE-2012-5073
- CVE-2012-5074
- CVE-2012-5075
- CVE-2012-5076
- CVE-2012-5077
- CVE-2012-5078
- CVE-2012-5079
- CVE-2012-5080
- CVE-2012-5081
- CVE-2012-5082
- CVE-2012-5083
- CVE-2012-5084
- CVE-2012-5085
- CVE-2012-5086
- CVE-2012-5087
- CVE-2012-5088
- CVE-2012-5089
- CVE-2013-1659
Source
Related Link
Share with