You are here

U-192 VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service

June 15, 2012 - 7:00am

Addthis

PROBLEM:

A vulnerability was reported in VMware Workstation/Player.

PLATFORM:

Version(s): Workstation 8.x, Player 4.x

ABSTRACT:

A local or remote user can cause denial of service conditions on the target virtual system.

reference LINKS:

Vendor Advisory
Security Tracker ID 1027173
CVE-2012-3289

IMPACT ASSESSMENT:

High

Discussion:

A user with the ability to modify communications data between a remote virtual device (e.g., CD-ROM, keyboard) located on a physically separate system and the target virtual machine can cause the target virtual machine to crash.

Impact:

A local or remote user can cause denial of service conditions on the target virtual system.

Solution:

The vendor has issued a fix (Workstation 8.0.4, Player 4.0.4)

Addthis