Searching
..

Click anywhere to stop

KLA10452
Multiple vulnerabilities in VMware products

Updated: 01/22/2024
Detect date
?
01/27/2015
Severity
?
High
Description

Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to gain privileges or cause denial of service.

Below is a complete list of vulnerabilities

  1. Vectors related to file write can be exploited locally;
  2. Improper input validation can be exploited locally;
  3. An obsolete version of SSL can be exploited remotely;
  4. An obsolete version of libxml2 can be exploited remotely.
Affected products

VMware Workstation 10 versions earlier than 10.0.5
VMware Player 6 versions earlier than 6.0.5
VMware Fusion 7 versions earlier than 7.0.1
VMware Fusion 6 versions earlier than 6.0.5
VMware vCenter Server 5.5 earlier than update 2d
ESXi 5.5 without patch ESXi550-201403102-SG, ESXi550-201501101-SG
ESXi 5.1 without patch ESXi510-201404101-SG
ESXi 5.0 without patch ESXi500-201405101-SG

Solution

Update to latest version
Get VMware products

Original advisories

VMSA

Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]

LoI 
[?]
Related products
VMware Workstation
VMware Player
VMware Server
VMware vCenter Converter Standalone
VMware vSphere Client
VMware Fusion
CVE-IDS
?
CVE-2014-35664.3Warning
CVE-2014-35684.3Warning
CVE-2014-36605.0Warning
CVE-2015-10433.3Warning
CVE-2015-10443.3Warning
CVE-2014-35137.1High
CVE-2014-35677.1High
CVE-2014-83706.4High
Exploitation

Public exploits exist for this vulnerability.

Find out the statistics of the vulnerabilities spreading in your region