VMware directory traversal and privilege escalation vulnerabilities

Description

Two vulnerabilities have been identified in various VMware products, which could be exploited by attackers or malicious users to disclose sensitive information or gain elevated privileges. The first issue is caused due to an improper setting of the exception code on page faults on guest operating systems, which could allow malicious users to gain elevated privileges on a guest OS. The second vulnerability is caused by an unspecified input validation error, which could allow attackers with access to the network on which the host resides to download any file from the host system via directory traversal attacks

The following programs are vulnerable.

• VMware Workstation version 6.5.2 and prior
• VMware Player version 2.5.2 and prior
• VMware ACE version 2.5.2 and prior
• VMware Server version 2.0.1 and prior
• VMware Server version 1.0.9 and prior
• VMware Fusion version 2.0.5 and prior
• VMware ESXi version 4.0
• VMware ESXi version 3.5
• VMware ESX version 4.0
• VMware ESX version 3.5
• VMware ESX version 3.0.3
• VMware ESX version 2.5.5

Remediation

Apply patches or upgrade to fixed versions.

References

CVE-2009-3733

VMware hosted products and ESX patches resolve two security issues

Related Vulnerabilities

WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Cross-Site Scripting (1.15.2)

WordPress Plugin WP fail2ban Security Bypass (4.0.2)

WordPress Plugin Login With Ajax Cross-Site Scripting (3.1.6)

WordPress Plugin WPtouch Multiple Cross-Site Scripting Vulnerabilities (3.7.3)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17674)

Severity

High

Classification

CVE-2009-2267 CVE-2009-3733 CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Directory Traversal Known Vulnerabilities Missing Update Privilege Escalation