PT-2013-3131 · Vmware · Vmware Esxi+3
Publicado
2013-02-11
·
Atualizado
2017-09-19
·
CVE-2013-1406
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
VMware Workstation versions 8.0 through 8.0.4
VMware Workstation version 9.0
VMware Fusion versions 4.1 through 4.1.3
VMware Fusion version 5.0
VMware View versions 4.x through 4.6.1
VMware View versions 5.x through 5.1.1
VMware ESXi versions 4.0 through 5.1
VMware ESX versions 4.0 through 4.1
Description
The Virtual Machine Communication Interface (VMCI) implementation does not properly restrict memory allocation by control code, allowing local users to gain privileges via unspecified vectors.
Recommendations
For VMware Workstation versions 8.0 through 8.0.4, update to version 8.0.5 or later.
For VMware Workstation version 9.0, update to version 9.0.1 or later.
For VMware Fusion versions 4.1 through 4.1.3, update to version 4.1.4 or later.
For VMware Fusion version 5.0, update to version 5.0.2 or later.
For VMware View versions 4.x through 4.6.1, update to version 4.6.2 or later.
For VMware View versions 5.x through 5.1.1, update to version 5.1.2 or later.
For VMware ESXi versions 4.0 through 5.1, update to a version later than 5.1.
For VMware ESX versions 4.0 through 4.1, update to a version later than 4.1.
Exploit
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Vmware Esxi
Vmware Fusion
Vmware View
Vmware Workstation