VMware Products Shared Folders 'MultiByteToWideChar()' Variant Directory Traversal Vulnerability

VMware Products Shared Folders 'MultiByteToWideChar()' Variant Directory Traversal Vulnerability

Multiple VMware products are prone to a directory-traversal vulnerability that affects shared folders.

Attackers who can access a guest operating system can exploit this issue to gain full read and write access to the filesystem of the host operating system. Successful attacks could compromise the affected host OS. Other attacks are possible.

NOTE: This vulnerability occurs only on Windows hosts when 'Shared Folders' is enabled and when a shared folder exists.

The issue affects the following:

VMware Workstation 6.0.2, 5.5.4, and earlier
VMware Player 2.0.2, 1.0.4, and earlier
VMware ACE 2.0.2, 1.0.2, and earlier.

NOTE: This issue occurs because of a fix that was introduced to address a similar issue (CVE-2007-1744) that is documented in BID 23721 (VMware Workstation Shared Folders Directory Traversal Vulnerability).