Summary
The host is installed with VMWare product(s) that are vulnerable to privilege escalation vulnerability.
Impact
Successful exploitation allow attackers to execute arbitrary code on the affected system and users could bypass certain security restrictions or can gain escalated privileges.
Impact Level : System
Solution
Upgrade VMware latest versions,
www.vmware.com/download/ws/
www.vmware.com/download/ace/
www.vmware.com/download/player/
www.vmware.com/download/server/
Insight
The issue is due to an error in the CPU hardware emulation while handling the trap flag.
Affected
VMware Server 1.x - 1.0.7 on Windows
VMware ACE 1.x - 1.0.7 and 2.x - 2.0.5 on Windows
VMware Player 1.x - 1.0.8 and 2.x - 2.0.5 on Windows VMware Workstation 6.0.5 and earlier on all Windows
References
Severity
Classification
-
CVE CVE-2008-4915, CVE-2008-4917 -
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X
- Adobe Air Multiple Vulnerabilities -01 August 12 (Mac OS X)
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Mac OS X)
- Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Mac OS X)
- Adobe Air Multiple Vulnerabilities June-2012 (Mac OS X)