Lucene search
RootSSV:19440HistoryApr 12, 2010 - 12:00 a.m.
VMware VMnc编解码器HexTile编码视频块解析堆溢出漏洞
2010-04-1200:00:00
Root
www.seebug.org
40
0.271 Low
EPSS
Percentile
96.3%
BUGTRAQ ID: 39363
CVE ID: CVE-2009-1564
VMWare是一款虚拟PC软件,允许在一台机器上同时运行两个或多个Windows、DOS、LINUX系统。
VMWare媒体解码器包含有用于播放VMware Workstation、VMware Player和VMware ACE所记录电影的VMnc媒体编解码器。vmnc.dll库在处理HexTile编码的视频块时缺少输入检查,用户受骗打开了畸形的AVI文件就可以触发堆溢出,导致执行任意代码。
VMWare Workstation 6.5.x
VMWare Player 2.5.x
VMWare Server 2.x
VMWare Movie Decoder 6.x
厂商补丁:
VMWare
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://lists.vmware.com/pipermail/security-announce/2010/000090.html
Related
securityvulns
securityvulns
VUPEN Security Research - VMware Products Movie Decoder Heap Overflow Vulnerability
2010-04-12 00:00:00
Secunia Research: VMWare VMnc Codec HexTile Encoding Buffer Overflow
2010-04-12 00:00:00
VMWare applications multiple security vulnerabilities
2010-04-19 00:00:00
cve
cve
CVE-2009-1564
2010-04-12 18:30:00
CVE-2010-1564
2010-04-14 19:30:00
prion
prion
Heap overflow
2010-04-12 18:30:00
Design/Logic Flaw
2010-04-14 19:30:00
openvas
openvas
VMware Products Multiple Vulnerabilities - Windows
2010-04-16 00:00:00
VMware Products Multiple Vulnerabilities (Windows)
2010-04-16 00:00:00
nessus
nessus
vmware
vmware