Информационная безопасность
[RU] switch to English


Многочисленные уязвимости в VMWare (multiple bugs)
дополнено с 8 мая 2007 г.
Опубликовано:19 мая 2007 г.
Источник:
SecurityVulns ID:7683
Тип:локальная
Уровень опасности:
5/10
Описание:Многочисленные DoS-условия в гостевой и хостовой системах.
Затронутые продукты:VMWARE : VMware Workstation 5.5
 VMWARE : VMware Player 1.0
 VMWARE : VMware Server 1.0
 VMWARE : VMware ACE 1.0
CVE:CVE-2007-2491 (The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.34685 and VMware Server 1.0.1.29996 allows local users to write to arbitrary memory locations via a crafted poke to I/O port 0x1004, triggering a denial of service (virtual machine crash) or other unspecified impact, a related issue to CVE-2007-1337.)
 CVE-2007-1877 (VMware Workstation before 5.5.4 allows attackers to cause a denial of service against the guest OS by causing the virtual machine process (VMX) to store malformed configuration information.)
 CVE-2007-1876 (VMware Workstation before 5.5.4, when running a 64-bit Windows guest on a 64-bit host, allows local users to "corrupt the virtual machine's register context" by debugging a local program and stepping into a "syscall instruction.")
 CVE-2007-1337 (The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors.)
 CVE-2007-1069 (The memory management in VMware Workstation before 5.5.4 allows attackers to cause a denial of service (Windows virtual machine crash) by triggering certain general protection faults (GPF).)
Оригинальный текстdocumentVMWARE, VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability (19.05.2007)
 documentReversemode, [Reversemode Advisory] VMware Products - GPF Denial of Service (08.05.2007)
 documentVMWARE, VMSA-2007-0004 Multiple Denial-of-Service issues fixed (08.05.2007)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород