VMware Products UDF File Systems Buffer Overflow Vulnerability (Linux) Network Vulnerability

Summary

The host is installed with VMWare products and are prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow attacker to execution of arbitrary code. Impact Level: System/Application

Solution

Upgrade to Vmware Player version 3.1.5 or later For updates refer to http://www.vmware.com/security/advisories/VMSA-2011-0011.html Upgrade to Vmware Workstation version 7.1.5 or later For updates refer to http://www.vmware.com/security/advisories/VMSA-2011-0011.html

Insight

The flaw is due to an error when handling UDF filesystem images.This can be exploited to cause a buffer overflow via a specially crafted ISO image file.

Affected

Vmware Player version 3.0 before 3.1.5, VMware Workstation version 7.0 before 7.1.5

References

http://osvdb.org/76060
http://secunia.com/advisories/46241
http://www.securitytracker.com/id?1026139
http://www.vmware.com/security/advisories/VMSA-2011-0011.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3868
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Linux)
Adobe Reader Integer Overflow Vulnerability - Jan 12 (Linux)
Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Windows)
BarCodeWiz 'BarcodeWiz.dll' ActiveX Control BOF Vulnerability
BS.Player '.bsl' File Buffer Overflow Vulnerabilities

Take action and discover your vulnerabilities