ACE vulnerability in VMware

Описание

Multiple critical vulnerabilities have been found in VMware. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities

1. Improper RPC handling can be exploited by guest OS users via specially designed pointers;
2. Unknown vectors can be exploited remotely via specially designed NFS traffic;
3. Improper floppy & SCSI devices can be exploited by guest OS users via unknown vectors.

Первичный источник обнаружения

• VMware bulletin
  

Связанные продукты

• VMware-Workstation
• VMware-Player
• VMware-Infrastructure
• VMware-vSphere-Client
• VMware-Fusion

Список CVE

• CVE-2012-2449
  critical
• CVE-2012-2448
  critical
• CVE-2012-2450
  critical
• CVE-2012-1517
  critical
• CVE-2012-1516
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com