VMware Hosted Products VMware Tools Command Injection Vulnerability

Bugtraq ID: 45166
Class: Input Validation Error
CVE: CVE-2010-4297
Remote: No
Local: Yes
Published: Dec 02 2010 12:00AM
Updated: Dec 09 2010 02:44PM
Credit: Nahuel Grisolia of Bonsai Information Security
Vulnerable: VMWare Workstation 6.5.5
VMWare Workstation 6.5.3
VMWare Workstation 6.5.2
VMWare Workstation 6.5.1
VMWare Workstation 6.5 build 118166
VMWare Workstation 7.1
VMWare Workstation 7.0.1 build 227600
VMWare Workstation 7.0
VMWare Workstation 6.5.4 build 246459
VMWare Workstation 6.5.3 build 185404
VMWare Workstation 6.5.2 build 156735
VMWare Player 3.1.2
VMWare Player 2.5.4
VMWare Player 2.5.3
VMWare Player 2.5.2 build 156735
VMWare Player 2.5.2
VMWare Player 2.5.1
VMWare Player 2.5 build 118166
VMWare Player 3.1
VMWare Player 2.5.4 build 246459
VMWare Player 2.5.3 build 185404
VMWare Fusion 3.1
VMWare Fusion 2.0.7 Build 246742
VMWare Fusion 2.0.6 Build 196839
VMWare Fusion 2.0.6
VMWare Fusion 2.0.5
VMWare Fusion 2.0.4
VMWare Fusion 2.0.3
VMWare Fusion 2.0.2 build 147997
VMWare Fusion 2
VMWare ESXi Server 4.1
VMWare ESXi Server 4.0
VMWare ESXi Server 3.5
VMWare ESX Server 3.0.3
VMWare ESX Server 2.0.2
VMWare ESX Server 4.1
VMWare ESX Server 4.0
VMWare ESX Server 3.5
Not Vulnerable: VMWare Workstation 7.1.2 build 301548
VMWare Workstation 6.5.5 build 328052
VMWare Player 3.1.2 build 301548
VMWare Player 2.5.5 Build 328052
VMWare Fusion 3.1.2 Build 332101
VMWare Fusion 2.0.8 Build 328035


 

Privacy Statement
Copyright 2010, SecurityFocus