Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3868

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-3868
Last Modified 14 May 2013 11:21:00
Published 07 Oct 2011 04:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3868

Summary

Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.

Vulnerable Systems

Application

  • Vmware Ams

  • Vmware Fusion 3.1

  • Vmware Fusion 3.1.1

  • Vmware Fusion 3.1.2

  • Vmware Player 3.0

  • Vmware Player 3.0.1

  • Vmware Player 3.1

  • Vmware Player 3.1.1

  • Vmware Player 3.1.2

  • Vmware Player 3.1.3

  • Vmware Player 3.1.4

  • Vmware Workstation 7.0

  • Vmware Workstation 7.0.1

  • Vmware Workstation 7.1

  • Vmware Workstation 7.1.1

  • Vmware Workstation 7.1.2

  • Vmware Workstation 7.1.3

  • Vmware Workstation 7.1.4


References

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2011-0011.html

SECTRACK - 1026139

BID - 49942

BUGTRAQ - 20111005 VMSA-2011-0011 VMware hosted products address remote code execution vulnerability

SECUNIA - 46241

OSVDB - 76060

GENTOO - GLSA-201209-25

Related Patches

VMware VMSA-2011-0011 VMware Fusion 3.1.3 for Mac (See Notes)


Last Updated: 27 May 2016 10:56:42