VMware Products Multiple Vulnerabilities
Last Update Date:
15 Jun 2012 17:14
Release Date:
15 Jun 2012
4712
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities have been identified in multiple VMware products, which can be exploited by malicious people to cause denial of service or compromise a user's system.
- An input validation error when parsing Checkpoint files and can be exploited to execute arbitrary code.
- A user with the ability to modify communications data between a remote virtual device (e.g., CD-ROM, keyboard) located on a physically separate system and the target virtual machine can cause the target virtual machine to crash.
Impact
- Denial of Service
- Remote Code Execution
System / Technologies affected
- VMware ESX Server 3.x
- VMware ESX Server 4.x
- VMware ESXi 3.x
- VMware ESXi 4.x
- VMware ESXi 5.x
- VMware Fusion 4.x
- VMware Player 3.x
- VMware Player 4.x
- VMware Workstation 7.x
- VMware Workstation 8.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to a fixed version
http://www.vmware.com/security/advisories/VMSA-2012-0011.html
Vulnerability Identifier
Source
Related Link
Share with