Kaspersky Threats

Kaspersky ID:

KLA10381

Detect Date:

04/12/2010

Updated:

06/03/2020

Description

Multiple critical vulnerabilities have been found in VMware. Malicious users can exploit these vulnerabilities to execute arbitrary code or gain privileges. Below is a complete list of vulnerabilities

Improper library access can be exploited remotely at a point related to network share;
Improper loading of VMware programs can be exploited locally.

Original advisories

CVE list

CVE-2010-1142
critical
CVE-2010-1141
critical

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!

Kaspersky ID:

KLA10381

Detect Date:

04/12/2010

Updated:

06/03/2020

Severity

critical

Solution

Update to latest version
Vmware Products

Impacts

ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected products

VMware Workstation 6.5.x versions earlier than 6.5.4 build 246459
VMware Player 2.5.x versions earlier than 2.5.4 build 246459
VMware ACE 2.5.x versions earlier than 2.5.4 build 246459
VMware Server 2.x versions earlier than 2.0.2 build 203138
VMware Fusion 2.x versions earlier than 2.0.6 build 246742
VMware ESXi versions 3.5 and 4.0 VMware ESX versions 2.5.5, 3.0.3, 3.5, and 4.0

Multiple vulnerabilities in VMware

Description

Original advisories

Related products

CVE list

Read more