Kaspersky LabKLA10386KLA10386 Multiple vulnerabilities in VMware
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.0%
Detect date:
09/23/2010
Severity:
Critical
Description:
Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service, inject arbitrary scripts, execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities
Affected products:
VMware Workstation verisons 7.1.1 and earlier
VMware Player versions 3.1.1 and earlier
VMware ACE Management Server versions 2.7.1 and earlier
Solution:
Update to latest version
VMWare Products
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
References
www.vmware.com/security/advisories/VMSA-2010-0014.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277
my.vmware.com/web/vmware/downloads
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/VMware-ACE/
threats.kaspersky.com/en/product/VMware-Player/
threats.kaspersky.com/en/product/VMware-Workstation/
Related
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.0%