First published: Mon Apr 12 2010(Updated: )
Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
VMware Workstation | =6.5.1 | |
VMware Workstation | =6.5.0 | |
VMware Workstation | =6.5.2 | |
VMware Workstation | =6.5.3 | |
VMware Fusion | =2.0.1 | |
VMware Fusion | =2.0.2 | |
VMware Fusion | =2.0.5 | |
VMware Fusion | =2.0 | |
VMware Fusion | =2.0.4 | |
VMware Fusion | =2.0.6 | |
VMware Fusion | =2.0.3 | |
VMware VIX API | =1.6.1 | |
VMware VIX API | =1.6.0 | |
VMware Player | =2.5 | |
VMware Player | =2.5.1 | |
VMware Player | =2.5.2 | |
VMware Player | =2.5.3 | |
Linux Linux kernel | ||
VMware Server | =2.0.0 | |
VMware Server | =2.0.1 | |
VMware Server | =2.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.