VMwareProducts DHCP and JRE Code Execution Vulnerabilities
Last Update Date:
28 Jan 2011
Release Date:
20 Oct 2009
5439
Views
RISK: Medium Risk
Multiple vulnerabilities have been identified in various VMware products, which could be exploited by remote attackers to bypass security restrictions, disclose sensitive information, cause a denial of service or compromise a vulnerable system. These issues are caused by errors in DHCP and JRE.
Impact
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- VMWare ESXi version 4.0
- VMWare ESX version 4.0
- VMWare vCenter version 4.0
- VMWare VirtualCenter version 2.5
- VMWare VirtualCenter version 2.0.2
- VMWare Server version 2.0
Solutions
There is no patch available for this vulnerability currently.
Workaround
Do not visit untrusted websites or follow untrusted links.
Restrict network access to trusted users only.
Vulnerability Identifier
- CVE-2008-2086
- CVE-2008-5339
- CVE-2008-5340
- CVE-2008-5341
- CVE-2008-5342
- CVE-2008-5343
- CVE-2008-5344
- CVE-2008-5345
- CVE-2008-5346
- CVE-2008-5347
- CVE-2008-5348
- CVE-2008-5349
- CVE-2008-5350
- CVE-2008-5351
- CVE-2008-5352
- CVE-2008-5353
- CVE-2008-5354
- CVE-2008-5355
- CVE-2008-5356
- CVE-2008-5357
- CVE-2008-5358
- CVE-2008-5359
- CVE-2008-5360
- CVE-2009-1093
- CVE-2009-1094
- CVE-2009-1095
- CVE-2009-1096
- CVE-2009-1097
- CVE-2009-1098
- CVE-2009-1099
- CVE-2009-1100
- CVE-2009-1101
- CVE-2009-1102
- CVE-2009-1103
- CVE-2009-1104
- CVE-2009-1105
- CVE-2009-1106
- CVE-2009-1107
- CVE-2009-1893
Source
Related Link
Share with