VMware主机产品内存破坏和拒绝服务漏洞(CVE-2012-3289)

文章由LinuxBoy分享于2019-04-02 07:04:34热评（238）

VMware主机产品内存破坏和拒绝服务漏洞(CVE-2012-3289)

发布日期：2012-06-14
更新日期：2012-06-26

受影响系统：
VMWare VMWare Workstation 8.0.2
VMWare VMWare Workstation 8.0.1
VMWare VMWare Workstation 7.13
VMWare VMWare Workstation 7.1.5
VMWare VMWare Workstation 7.1.4 Build 385536
VMWare VMWare Workstation 7.1.4
VMWare VMWare Workstation 7.1.3
VMWare VMWare Workstation 7.1.2 build 301548
VMWare VMWare Workstation 7.1.2 Build 301548
VMWare VMWare Workstation 7.1.2
VMWare VMWare Workstation 7.1.1
VMWare VMWare Workstation 7.1
VMWare VMWare Workstation 7.0.1 build 227600
VMWare VMWare Workstation 7.0.1
VMWare VMWare Workstation 7.0
VMWare Player 4.0.2
VMWare Player 4.0.1
VMWare Player 3.1.5
VMWare Player 3.1.4
VMWare Player 3.1.3
VMWare Player 3.1.2 build 301548
VMWare Player 3.1.2 Build 3
VMWare Player 3.1.2
VMWare Player 3.1.2
VMWare Player 3.1.1
VMWare Player 3.1
VMWare Player 3.1
VMWare Player 3.0.1 build 227600
VMWare Player 3.0.1
VMWare Player 3.0
VMWare ESX 4.1
VMWare ESX 4.0
VMWare ESX 3.5
VMWare ESXi 5.0
VMWare ESXi 4.1
VMWare ESXi 4.0
VMWare ESXi 3.5
描述：
--------------------------------------------------------------------------------
BUGTRAQ ID: 53996
CVE ID: CVE-2012-3288

VMWare是一个“虚拟PC”软件，可以在一台机器上同时运行二个或更多Windows、DOS、LINUX系统。

VMware Workstation 8.0.4之前版本、VMware Player 4.0.4之前版本、VMware ESXi 3.5 至 5.0、VMware ESX 3.5 至 4.1版本可允许远程攻击者通过远程虚拟设备上的特制的流量，造成拒绝服务。

<*来源：vendor

链接：http://www.vmware.com/security/advisories/VMSA-2012-0011.html
*>

建议：
--------------------------------------------------------------------------------
厂商补丁：

VMWare
------
VMWare已经为此发布了一个安全公告（VMSA-2012-0011）以及相应补丁:

VMSA-2012-0011：VMware hosted products and ESXi and ESX patches address security issues

链接：http://www.vmware.com/security/advisories/VMSA-2012-0011.html

推荐文章：

VMware主机产品内存破坏和拒绝服务漏洞(CVE-2012-3289)