8.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
0.032 Low
EPSS
Percentile
91.0%
04/12/2010
Critical
Multiple critical vulnerabilities have been found in VMware. Malicious users can exploit these vulnerabilities to execute arbitrary code or gain privileges. Below is a complete list of vulnerabilities
VMware Workstation 6.5.x versions earlier than 6.5.4 build 246459
VMware Player 2.5.x versions earlier than 2.5.4 build 246459
VMware ACE 2.5.x versions earlier than 2.5.4 build 246459
VMware Server 2.x versions earlier than 2.0.2 build 203138
VMware Fusion 2.x versions earlier than 2.0.6 build 246742
VMware ESXi versions 3.5 and 4.0 VMware ESX versions 2.5.5, 3.0.3, 3.5, and 4.0
Update to latest version
Vmware Products
ACE
CVE-2010-11428.5Critical
CVE-2010-11418.5Critical
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142
my.vmware.com/web/vmware/downloads
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/VMware-ACE/
threats.kaspersky.com/en/product/VMware-Fusion/
threats.kaspersky.com/en/product/VMware-Player/
threats.kaspersky.com/en/product/VMware-Server/
threats.kaspersky.com/en/product/VMware-vSphere-Client/
threats.kaspersky.com/en/product/VMware-Workstation/