Computer Security

Forum
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



VMWare multiple applications security vulnerabilities
Published:02.09.2008
Source:BUGTRAQ
SecurityVulns ID:9255
Type:remote
Level:5/10
Description:Multiple ActiveX vulnerabilities, privilege escalation, ISAPI filters DoS, third party components updates.
Affected:VMWARE : VMware Workstation 5.5
 VMWARE : VMware Player 1.0
 VMWARE : VMware Server 1.0
 VMWARE : VMware ACE 1.0
 VMWARE : VMWare Workstation 6.0
 VMWARE : VMware Player 2.0
 VMWARE : VMWare ACE 2.0
 VMWARE : VMware ESX 3.0
CVE:CVE-2008-3698
 CVE-2008-3697
 CVE-2008-3696
 CVE-2008-3695
 CVE-2008-3694
 CVE-2008-3693
 CVE-2008-3692
 CVE-2008-3691
 CVE-2008-2101
 CVE-2008-1808
 CVE-2008-1807
 CVE-2008-1806
 CVE-2008-1447
 CVE-2007-5503
 CVE-2007-5438 (Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in EMC VMware Player might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the ConnectPopulatedDiskEx function.)
 CVE-2007-5269 (Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle_iTXt), and (5) ztXT (png_handle_ztXt) chunking in PNG images, which trigger out-of-bounds read operations.)
Original documentdocumentVMWARE, VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. (02.09.2008)
Discuss:Read or add your comments to this news (0 comments)

Show Threads
Messages
 
Login:* (Register)
Password:*
(private) To:
(reply) Subject:*
Text:

Main Forum (Eng)

General security questions not appropriate for another forums. 		3proxy Forum (Eng)

All 3proxy question must be posted to this forum. 		Bugs, Vulnerabilities, PoCs and Exploits (Eng)

All vulnerability related questions, vulnerability digging and exploit creation. 		Windows programming and administration (Eng)

Administering Windows and application development. 		Unix programming and administation (Eng)

Administering Unix and application development. 		Test forum

Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)
 3proxy Forum (Rus)
 Bugs, Vulnerabilities, PoCs and Exploits (Rus)
 Windows programming and administration (Rus)
 Unix programming and administation (Rus)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod
 


Rating@Mail.ru