VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability

2009-04-10T00:00:00
ID VMSA-2009-0006
Type vmware
Reporter VMware
Modified 2009-04-10T00:00:00

Description

a. Host code execution vulnerability from a guest operating system
A critical vulnerability in the virtual machine display function might allow a guest operating system to run code on the host.
This issue is different from the vulnerability in a guest virtual device driver reported in VMware security advisory VMSA-2009-0005 on 2009-04-03. That vulnerability can cause a potential denial of service and is identified by CVE-2008-4916.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-1244 to this issue.
The following table lists what action remediates the vulnerability (column 4) if a solution is available.