PT-2012-4818 · Vmware · Vmware Player+2

Jeremy Brown

Publicado

2012-11-14

Atualizado

2017-08-29

CVE-2012-3569

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions VMware OVF Tool version 2.1 VMware Workstation versions 8.0 through 8.0.4 VMware Player versions 4.0 through 4.0.4

Description A format string issue allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file.

Recommendations For VMware OVF Tool version 2.1, update to a newer version to mitigate the risk. For VMware Workstation versions 8.0 through 8.0.4, update to version 8.0.5 or later. For VMware Player versions 4.0 through 4.0.4, update to version 4.0.5 or later.

Exploit

Correção

Use of Externally-Controlled Format String

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-134

Identificadores relacionados

CVE-2012-3569

Produtos afetados

Vmware Ovf Tool

Vmware Player

Vmware Workstation

PT-2012-4818 · Vmware · Vmware Player+2

CVE-2012-3569

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12