Some vulnerabilities have been reported in various VMware products, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), or gain escalated privileges.
1) An error exists in the CPU hardware emulation when handling the Trap flag. This can be exploited by a local user on a guest operating system to gain escalated privileges.
2) An unspecified error in the implementation of virtual machine hardware can be exploited to write to arbitrary physical memory on the host via a specially crafted request sent from a guest operating system.
3) An unspecified error in a guest virtual device driver can be exploited to crash the host system.
Please see vendor's advisories for a list of affected products and versions.
Solution: Update to the latest version or apply patches.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com
Subject: VMware Products Multiple Vulnerabilities
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.