Skip to main content

VMware Workstation / Player / Fusion UDF Filesystem Handling Buffer Overflow Vulnerability

Last Update Date: 6 Oct 2011 14:21 Release Date: 6 Oct 2011 6352 Views

RISK: Medium Risk

TYPE: Operating Systems - VM Ware

TYPE: VM Ware

A vulnerability has been identified in some VMware products, which can be exploited by malicious people to compromise a user's system.

 

The vulnerability is caused due to an error when handling UDF filesystem images. This can be exploited to cause a buffer overflow via a specially crafted ISO image file.

Successful exploitation may allow execution of arbitrary code, but requires tricking a user into installing a system using a malicious file.


Impact

  • Remote Code Execution

System / Technologies affected

  • VMware Workstation 7.1.4 and earlier
  • VMware Player 3.1.4 and earlier
  • VMware Fusion 3.1.2 and earlier

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 7.1.5, 3.1.5, or 3.1.3.

Vulnerability Identifier


Source


Related Link