Searching
..

Click anywhere to stop

KLA10386
Multiple vulnerabilities in VMware

Updated: 01/22/2024
Detect date
?
09/23/2010
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service, inject arbitrary scripts, execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities

  1. Insecure file rendering can be exploited locally by overwriting index.htm;
  2. Buffer overflows, improper handling of compressed data and memory leaks can be exploited remotely via a specially designed PNG image;
  3. Improper request handling can be exploited via a specially designed request.
Affected products

VMware Workstation verisons 7.1.1 and earlier
VMware Player versions 3.1.1 and earlier
VMware ACE Management Server versions 2.7.1 and earlier

Solution

Update to latest version
VMWare Products

Original advisories

VMware bulletin

Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

CI 
[?]

SB 
[?]
Related products
VMware Workstation
VMware Player
VMware ACE
CVE-IDS
?
CVE-2010-04344.3Warning
CVE-2010-12057.5Critical
CVE-2010-02054.3Warning
CVE-2010-22494.3Warning
CVE-2010-32772.1Warning
Find out the statistics of the vulnerabilities spreading in your region