VMware vielib.dll ActiveX控件远程代码执行漏洞

BUGTRAQ ID: 25118 VMware Workstation是一款非常流行的虚拟PC机软件。 VMware intraprocesslogging.dll ActiveX控件实现上存在漏洞，远程攻击者可能利用此漏洞在用户系统上执行任意指令。 VMware中所捆绑的vielib.dll库中的StartProcess方式没有验证是否被应用程序或恶意用户调用，如果用户受骗访问了恶意网页的话，调用了该库的应用程序就可能导致以登录用户的权限执行任意指令。 VMWare Workstation 6.0 临时解决方法：...

Path traversal

Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging.dll 5.5.3.42958 in EMC VMware allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SetLogFileName method...

VMware IntraProcessLogging.dll 5.5.3.42958 Arbitrary Data Write Exploit

No description provided by source. !-- --------------------------------------------------------------------------- :. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: IntraProcessLogging.dll 5.5.3.42958 VmWare Inc Arbitrary Data Write Exploit...

VMware IntraProcessLogging.dll 5.5.3.42958 Arbitrary Data Write Exploit

Exploit for unknown platform in category remote exploits ======================================================================= VMware IntraProcessLogging.dll 5.5.3.42958 Arbitrary Data Write Exploit ======================================================================= GoodFellas Security Rese...

VMware 'IntraProcessLogging.dll' 5.5.3.42958 - Arbitrary Data Write

GoodFellas Security Research Team Technical Details ----------------- SetLogFileName method receives one argument filename in this format "c:\path\file". Proof of Concept ---------------- object id=ctrl classid="clsid:AF13B07E-...