Skip to main content

VMware Products Multiple Vulnerabilities

Last Update Date: 15 Jun 2012 17:14 Release Date: 15 Jun 2012 4761 Views

RISK: Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities have been identified in multiple VMware products, which can be exploited by malicious people to cause denial of service or compromise a user's system.

  1. An input validation error when parsing Checkpoint files and can be exploited to execute arbitrary code.
  2. A user with the ability to modify communications data between a remote virtual device (e.g., CD-ROM, keyboard) located on a physically separate system and the target virtual machine can cause the target virtual machine to crash.

Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • VMware ESX Server 3.x
  • VMware ESX Server 4.x
  • VMware ESXi 3.x
  • VMware ESXi 4.x
  • VMware ESXi 5.x
  • VMware Fusion 4.x
  • VMware Player 3.x
  • VMware Player 4.x
  • VMware Workstation 7.x
  • VMware Workstation 8.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to a fixed version
    http://www.vmware.com/security/advisories/VMSA-2012-0011.html

 


Vulnerability Identifier


Source


Related Link