KLA10386
Multiple vulnerabilities in VMware
Обновлено: 17/06/2019
Дата обнаружения
23/09/2010
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service, inject arbitrary scripts, execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities

  1. Insecure file rendering can be exploited locally by overwriting index.htm;
  2. Buffer overflows, improper handling of compressed data and memory leaks can be exploited remotely via a specially designed PNG image;
  3. Improper request handling can be exploited via a specially designed request.
Пораженные продукты

VMware Workstation verisons 7.1.1 and earlier
VMware Player versions 3.1.1 and earlier
VMware ACE Management Server versions 2.7.1 and earlier

Решение

Update to latest version
VMWare Products

Первичный источник обнаружения
VMware bulletin
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

CI 
[?]
Связанные продукты
VMware Workstation
VMware Player
VMware ACE
CVE-IDS
CVE-2010-042510.0Critical
CVE-2010-04344.3Warning
CVE-2010-12057.5Critical
CVE-2010-02057.8Critical
CVE-2010-22495.0Critical
CVE-2010-32772.1Warning