Summary
The host is installed with VMWare products and are prone to remote code execution vulnerabilities.
Impact
Successful exploitation will allow attacker to execute arbitrary code.
Impact Level: System/Application
Solution
For Upgrades refer the below link,
http://www.vmware.com/security/advisories/VMSA-2010-0007.html
Insight
The flaw is due to error in 'tools' which does not properly access libraries.
This allows attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share.
Affected
VMware ACE 2.5.x before 2.5.4 build 246459,
VMware Player 2.5.x before 2.5.4 build 246459,
VMware Workstation 6.5.x before 6.5.4 build 246459
References
Severity
Classification
-
CVE CVE-2010-1141, CVE-2010-1142 -
CVSS Base Score: 8.5
AV:N/AC:M/Au:S/C:C/I:C/A:C
Related Vulnerabilities