Studio Security Vulnerabilities

CVE-2009-2968

Directory traversal vulnerability in a support component in the web interface in VMware Studio 2.0 public beta before build 1017-185256 allows remote attackers to upload files to arbitrary locations via unspecified vectors.

CVE-2010-2427

VMware Studio 2.0 does not properly write to temporary files, which allows local users to gain privileges via unspecified vectors.

CVE-2010-2667

Multiple unspecified vulnerabilities in the Virtual Appliance Management Infrastructure (VAMI) in VMware Studio 2.0 allow remote authenticated users to execute arbitrary commands via vectors involving (1) the Studio virtual appliance or (2) a virtual appliance created by the Studio virtual applianc...