In association with heise online

15 June 2012, 17:11

VMware closes holes in its virtualisation products

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

VMware logo Virtualisation specialist VMware is warning customers of two security problems in its virtualisation solutions. According to the company, the vulnerabilities affect VMware Workstation, Player, Fusion, ESXi and ESX.

The first of these holes (CVE-2012-3288) is a memory corruption issue when loading Checkpoint files. To be exploited, an attacker must already be able to load a specially crafted Checkpoint in a virtual machine (VM) in order to execute arbitrary code on a host. The other issue (CVE-2012-3289) is a remote denial-of-service (DoS) vulnerability caused by manipulated traffic from a remote virtual device.

Further details, including links to patches are provided that correct these problems, can be found in the company's security advisory.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-1619385
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit