Multiple vulnerabilities in VMware products

Descripción

Multiple vulnerabilities was found in VWware Workstation and Fusion. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and bypass security restrictions.

Below is a complete list of vulnerabilities:

1. A vulnerability in systems with microprocessors utilizing speculative execution and address translations can be exploited to bypass security restrictions and possible to obtain sensetive information via a terminal page fault and a side-channel analysis;
2. An out-of-bounds write vulnerability can be exploited remotely to execute arbitrary code.

Notas informativas originales

• VMSA-2018-0020

• VMSA-2018-0022
• VMSA-2018-0026

Productos relacionados

• VMware-Workstation
• VMware-Fusion

Lista CVE

• CVE-2018-3646
  warning
• CVE-2018-6973
  high
• CVE-2018-6974
  high

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com