Skip to main content

VMware Products Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 6 Dec 2010 5716 Views

RISK: Medium Risk

Multiple vulnerabilities have been identified in VMware products, which could be exploited by remote attackers to execute arbitrary code, or by malicious users to gain elevated privileges on a host or guest system.

1. Caused by a race condition within the "vmware-mount" utility when handling temporary files, which could allow local users on the host to elevate their privileges.

2. Caused by an error in the suid binary "vmware-mount" when loading librairies, which could be exploited by malicious users on the host to execute arbitrary shared object files with root privileges.

3. Caused by an error in the input validation of VMware Tools update, which could allow a user on the host to execute commands on the guest system with root privileges. The issue does not affect Windows-based virtual machines and can only be exploited if VMware Tools is not fully up-to-date.

4. Caused by a heap corruption error in the decoder frame decompression routine of the VMnc media codec, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a malicious web page or opening a malicious video file.


Impact

  • Elevation of Privilege
  • Remote Code Execution

System / Technologies affected

  • VMware Workstation version 7.1.1 and prior
  • VMware Workstation version 6.5.4 and prior
  • VMware Movie Decoder version 7.1.1 and prior
  • VMware Movie Decoder version 6.5.4 and prior
  • VMware Player version 3.1.1 and prior
  • VMware Player version 2.5.4 and prior
  • VMware Fusion version 3.1.1 and prior
  • VMware ESXi version 4.1 and prior
  • VMware ESXi version 4.0 and prior
  • VMware ESXi version 3.5 and prior
  • VMware ESX version 4.1 and prior
  • VMware ESX version 4.0 and prior
  • VMware ESX version 3.5 and prior
  • VMware Server version 2.0.2 and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link