CVE-2012-2450

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 8.0.0 through 8.0.2 VMware Player versions 4.0.0 through 4.0.2 VMware Fusion versions 4.0.0 through 4.1.1 VMware ESXi versions 3.5 through 5.0 VMware ESX versions 3.5 through 4.1

Description The issue allows guest OS users with administrative privileges to cause a denial of service or possibly execute arbitrary code on the host OS by leveraging improper registration of SCSI devices. This can result in an invalid write operation and a crash of the VMX process.

Recommendations For VMware Workstation versions 8.0.0 through 8.0.2, update to version 8.0.3 or later. For VMware Player versions 4.0.0 through 4.0.2, update to version 4.0.3 or later. For VMware Fusion versions 4.0.0 through 4.1.1, update to version 4.1.2 or later. For VMware ESXi versions 3.5 through 5.0, update to a version later than 5.0. For VMware ESX versions 3.5 through 4.1, update to a version later than 4.1.