KLA10381 Multiple vulnerabilities in VMware

2010-04-1200:00:00

Kaspersky Lab

threats.kaspersky.com

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.032 Low

EPSS

Percentile

91.0%

JSON

Detect date:

04/12/2010

Severity:

Critical

Description:

Multiple critical vulnerabilities have been found in VMware. Malicious users can exploit these vulnerabilities to execute arbitrary code or gain privileges. Below is a complete list of vulnerabilities

Affected products:

VMware Workstation 6.5.x versions earlier than 6.5.4 build 246459
VMware Player 2.5.x versions earlier than 2.5.4 build 246459
VMware ACE 2.5.x versions earlier than 2.5.4 build 246459
VMware Server 2.x versions earlier than 2.0.2 build 203138
VMware Fusion 2.x versions earlier than 2.0.6 build 246742
VMware ESXi versions 3.5 and 4.0 VMware ESX versions 2.5.5, 3.0.3, 3.5, and 4.0