9.3

CVE-2011-3868

Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMwareWorkstation Version7.0
VMwareWorkstation Version7.0.1
VMwareWorkstation Version7.1
VMwareWorkstation Version7.1.1
VMwareWorkstation Version7.1.2
VMwareWorkstation Version7.1.3
VMwareWorkstation Version7.1.4
VMwarePlayer Version3.0
VMwarePlayer Version3.0.1
VMwarePlayer Version3.1
VMwarePlayer Version3.1.1
VMwarePlayer Version3.1.2
VMwarePlayer Version3.1.3
VMwarePlayer Version3.1.4
VMwareFusion Version3.1
VMwareFusion Version3.1.1
VMwareFusion Version3.1.2
VMwareAms
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.77% 0.921
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://security.gentoo.org/glsa/glsa-201209-25.xml
http://osvdb.org/76060
http://secunia.com/advisories/46241
http://www.securityfocus.com/archive/1/520005/100/0/threaded
http://www.securityfocus.com/bid/49942
http://www.securitytracker.com/id?1026139
http://www.vmware.com/security/advisories/VMSA-2011-0011.html
Patch
Vendor Advisory