Visualization specialist VMware has warned of a vulnerability (CVE-2011-3868) that could allow attackers to execute arbitrary code. The vulnerability lies in the way UDF filesystems are handled within VMware's Workstation, Player, and Fusion applications, and could be exploited by an attacker to execute code should a user install software from a specially crafted malicious ISO image. The problem was discovered by an anonymous person via the SecuriTeam Secure Disclosure program, and is believed to be present on all host operating systems.
VMware versions up to and including Workstation 7.1.4, Player 3.1.4, and Fusion 3.1.2 are affected; other products are not vulnerable. Updated releases of all three products have been made available, and should be downloaded by affected users. Further details are available in VMware's Security Advisory.
VMware versions up to and including Workstation 7.1.4, Player 3.1.4, and Fusion 3.1.2 are affected; other products are not vulnerable. Updated releases of all three products have been made available, and should be downloaded by affected users. Further details are available in VMware's Security Advisory.
-News Source (The H, VMware)
LINK TO OUR HOME PAGE :


Categories:
NEWS
,
technews
,
vulnerablity