VMware主机产品内存破坏和拒绝服务漏洞(CVE-2012-3288)
VMware主机产品内存破坏和拒绝服务漏洞(CVE-2012-3288)
发布日期:2012-06-14
更新日期:2012-06-26
受影响系统:
VMWare VMWare Workstation 8.0.2
VMWare VMWare Workstation 8.0.1
VMWare VMWare Workstation 7.13
VMWare VMWare Workstation 7.1.5
VMWare VMWare Workstation 7.1.4 Build 385536
VMWare VMWare Workstation 7.1.4
VMWare VMWare Workstation 7.1.3
VMWare VMWare Workstation 7.1.2 build 301548
VMWare VMWare Workstation 7.1.2 Build 301548
VMWare VMWare Workstation 7.1.2
VMWare VMWare Workstation 7.1.1
VMWare VMWare Workstation 7.1
VMWare VMWare Workstation 7.0.1 build 227600
VMWare VMWare Workstation 7.0.1
VMWare VMWare Workstation 7.0
VMWare Player 4.0.2
VMWare Player 4.0.1
VMWare Player 3.1.5
VMWare Player 3.1.4
VMWare Player 3.1.3
VMWare Player 3.1.2 build 301548
VMWare Player 3.1.2 Build 3
VMWare Player 3.1.2
VMWare Player 3.1.2
VMWare Player 3.1.1
VMWare Player 3.1
VMWare Player 3.1
VMWare Player 3.0.1 build 227600
VMWare Player 3.0.1
VMWare Player 3.0
VMWare ESX 4.1
VMWare ESX 4.0
VMWare ESX 3.5
VMWare ESXi 5.0
VMWare ESXi 4.1
VMWare ESXi 4.0
VMWare ESXi 3.5
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 53996
CVE ID: CVE-2012-3288
VMWare是一个“虚拟PC”软件,可以在一台机器上同时运行二个或更多Windows、DOS、LINUX系统。
VMware Workstation 7.1.6、8.0.4之前版本、VMware Player 3.1.6、4.0.4之前版本、VMware Fusion 4.1.3之前版本、VMware ESXi 3.5 至 5.0、VMware ESX 3.5 至 4.1版本可允许远程攻击者在主机OS上执行任意代码或通过特制的Checkpoint文件在主机OS上破坏内存,造成拒绝服务。
<*来源:vendor
链接:http://www.vmware.com/security/advisories/VMSA-2012-0011.html
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
VMWare
------
VMWare已经为此发布了一个安全公告(VMSA-2012-0011)以及相应补丁:
VMSA-2012-0011:VMware hosted products and ESXi and ESX patches address security issues
链接:http://www.vmware.com/security/advisories/VMSA-2012-0011.html
评论暂时关闭