Lucene search

K
vmware
VMwareVMSA-2010-0004
HistoryMar 03, 2010 - 12:00 a.m.

ESX Service Console and vMA third party updates

2010-03-0300:00:00
www.vmware.com
42

0.966 High

EPSS

Percentile

99.5%

a. vMA and Service Console update for newt to 0.52.2-12.el5_4.1

Newt is a programming library for color text mode, widget based user interfaces. Newt can be used to add stacked windows, entry widgets, checkboxes, radio buttons, labels, plain text fields, scrollbars, etc., to text mode user interfaces.
A heap-based buffer overflow flaw was found in the way newt processes content that is to be displayed in a text dialog box. A local attacker could issue a specially-crafted text dialog box display request (direct or via a custom application), leading to a denial of service (application crash) or, potentially, arbitrary code execution with the privileges of the user running the application using the newt library.
The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-2905 to this issue.
The following table lists what action remediates the vulnerability (column 4) if a solution is available.

How to protect your server from attacks?

0.966 High

EPSS

Percentile

99.5%

Related for VMSA-2010-0004