背景:
阅读新闻
VMware主机产品内存破坏和拒绝服务漏洞(CVE-2012-3288)
[日期:2012-06-27] 来源:Linux社区 作者:Linux [字体:]
发布日期:2012-06-14
更新日期:2012-06-26
受影响系统:
VMWare VMWare Workstation 8.0.2
VMWare VMWare Workstation 8.0.1
VMWare VMWare Workstation 7.13
VMWare VMWare Workstation 7.1.5
VMWare VMWare Workstation 7.1.4 Build 385536
VMWare VMWare Workstation 7.1.4
VMWare VMWare Workstation 7.1.3
VMWare VMWare Workstation 7.1.2 build 301548
VMWare VMWare Workstation 7.1.2 Build 301548
VMWare VMWare Workstation 7.1.2
VMWare VMWare Workstation 7.1.1
VMWare VMWare Workstation 7.1
VMWare VMWare Workstation 7.0.1 build 227600
VMWare VMWare Workstation 7.0.1
VMWare VMWare Workstation 7.0
VMWare Player 4.0.2
VMWare Player 4.0.1
VMWare Player 3.1.5
VMWare Player 3.1.4
VMWare Player 3.1.3
VMWare Player 3.1.2 build 301548
VMWare Player 3.1.2 Build 3
VMWare Player 3.1.2
VMWare Player 3.1.2
VMWare Player 3.1.1
VMWare Player 3.1
VMWare Player 3.1
VMWare Player 3.0.1 build 227600
VMWare Player 3.0.1
VMWare Player 3.0
VMWare ESX 4.1
VMWare ESX 4.0
VMWare ESX 3.5
VMWare ESXi 5.0
VMWare ESXi 4.1
VMWare ESXi 4.0
VMWare ESXi 3.5
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 53996
CVE ID: CVE-2012-3288
VMWare是一个“虚拟PC”软件,可以在一台机器上同时运行二个或更多Windows、DOS、LINUX系统。
VMware Workstation 7.1.6、8.0.4之前版本、VMware Player 3.1.6、4.0.4之前版本、VMware Fusion 4.1.3之前版本、VMware ESXi 3.5 至 5.0、VMware ESX 3.5 至 4.1版本可允许远程攻击者在主机OS上执行任意代码或通过特制的Checkpoint文件在主机OS上破坏内存,造成拒绝服务。
建议:
--------------------------------------------------------------------------------
厂商补丁:
VMWare
------
VMWare已经为此发布了一个安全公告(VMSA-2012-0011)以及相应补丁:
VMSA-2012-0011:VMware hosted products and ESXi and ESX patches address security issues
Linux Kernel KVM 'kvm_set_irq()'函数本地缓冲区溢出漏洞
VMware主机产品内存破坏和拒绝服务漏洞(CVE-2012-3289)
本文评论 查看全部评论 (0)
尊重网上道德,遵守中华人民共和国的各项有关法律法规 承担一切因您的行为而直接或间接导致的民事或刑事法律责任 本站管理人员有权保留或删除其管辖留言中的任意内容 本站有权在网站内转载或引用您的评论 参与本评论即表明您已经阅读并接受上述条款
评论声明
最新资讯