Summary
The host is installed with VMWare products and are prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attacker to cause a heap-based buffer overflow via specially crafted video files containing incorrect framebuffer parameters.
Impact Level: System/Application
Solution
Upgrade to workstation version 6.5.4 build 246459, http://www.vmware.com/products/ws/
Upgrade to VMware player version 6.5.4 build 246459, http://www.vmware.com/products/player/
Apply workaround for VMware Server version 2.x,
http://www.vmware.com/resources/techresources/726
*****
NOTE: Ignore this warning, if above mentioned workaround is manually applied.
*****
Insight
The multiple flaws are due to
- An integer truncation errors in 'vmnc.dll' when processing 'HexTile' encoded video chunks which can be exploited to cause heap-based buffer overflows.
- A format string vulnerability in 'vmrun' allows users to gain privileges via format string specifiers in process metadata.
Affected
VMware Server version 2.x,
VMware Player version 2.5.x before 2.5.4 build 246459 and VMware Workstation version 6.5.x before 6.5.4 build 246459 on windows
References
Severity
Classification
-
CVE CVE-2009-1564, CVE-2009-1565, CVE-2010-1139 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Media Server Multiple Remote Security Vulnerabilities
- Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities -01 Feb13 (Mac OS X)
- Aastra IP Telephone Hardcoded Telnet Password Security Bypass Vulnerability
- Adobe AIR Multiple Vulnerabilities-01 Jun14 (Windows)