Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
VMware ESXi, Workstation, Fusion Affected by Critical Out-of-Bounds Read
#1
Quote:"The specific flaw exists within the handling of virtualized SVGA. The issue results from the lack of proper validation of user-supplied data, which can result in an overflow of a heap-based buffer," says the anonymous ZDI-18-1242 advisory. "An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the host OS."

The security issue can be exploited by attackers to compromise machines running the following vulnerable versions of VMWare's vSphere ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (Pro / Player) (14.x before 14.1.3) and VMware Fusion (Fusion Pro) (10.x before 10.1.3) products.

Detailed patch information and release notes for all updated products are listed on VMware's VMSA-2018-0026 security advisory page, together with severity ratings for all affected products.

Source: https://news.softpedia.com/news/vmware-e...3273.shtml
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Time Limited: Backup with AOMEI | World ...
Time Limited: Backup...jasonX — 07:28
Mozilla Firefox Browser 124.0
Mozilla Firefox Br...harlan4096 — 07:11
Free Download Manager 6.21.0.5639
Changes in 6.21.0.5...harlan4096 — 07:09
K-Lite Codec Pack 18.2.0 / 18.2.2 Update
Changes in 18.2.0 ...harlan4096 — 07:09
ON1 Photo RAW 2024
  ON1 NoNoise ...jasonX — 07:05

[-]
Birthdays
Today's Birthdays
avatar (41)Hectorvot
avatar (49)knowhanPluts
avatar (37)Williamengiz
Upcoming Birthdays
avatar (42)gapedDow
avatar (36)snorydar
avatar (44)qaqapeti
avatar (42)battsourIonix
avatar (41)CedricSek
avatar (36)Charlesfibre
avatar (41)artmaGoork

[-]
Online Staff
There are no staff members currently online.

>