4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.0%
09/23/2010
Critical
Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service, inject arbitrary scripts, execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities
VMware Workstation verisons 7.1.1 and earlier
VMware Player versions 3.1.1 and earlier
VMware ACE Management Server versions 2.7.1 and earlier
Update to latest version
VMWare Products
ACE
www.vmware.com/security/advisories/VMSA-2010-0014.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277
my.vmware.com/web/vmware/downloads
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/VMware-ACE/
threats.kaspersky.com/en/product/VMware-Player/
threats.kaspersky.com/en/product/VMware-Workstation/