Kaspersky Threats

KLA10386
Multiple vulnerabilities in VMware

Обновлено: 15/01/2020

Дата обнаружения	23/09/2010
Уровень угрозы	Critical
Описание	Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service, inject arbitrary scripts, execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities Insecure file rendering can be exploited locally by overwriting index.htm; Buffer overflows, improper handling of compressed data and memory leaks can be exploited remotely via a specially designed PNG image; Improper request handling can be exploited via a specially designed request.
Пораженные продукты	VMware Workstation verisons 7.1.1 and earlier VMware Player versions 3.1.1 and earlier VMware ACE Management Server versions 2.7.1 and earlier
Решение	Update to latest version VMWare Products
Первичный источник обнаружения	VMware bulletin
Оказываемое влияние ?	ACE [?] OSI [?] DoS [?] CI [?]
Связанные продукты	VMware Workstation VMware Player VMware ACE
CVE-IDS	CVE-2010-042510.0Critical CVE-2010-04344.3Warning CVE-2010-12057.5Critical CVE-2010-02057.8Critical CVE-2010-22495.0Critical CVE-2010-32772.1Warning