漏洞信息详情

Vmware ActiveX 未知攻击漏洞

  • CNNVD编号:CNNVD-200809-028
  • 危害等级: 超危
  • CVE编号: CVE-2008-3694
  • 漏洞类型: 资料不足
  • 发布时间: 2008-08-29
  • 威胁类型: 远程
  • 更新时间: 2009-01-29
  • 厂        商: vmware
  • 漏洞来源: Sun BingJulien Bac...

漏洞简介

VMWare是一款虚拟PC软件,允许在一台机器上同时运行两个或多个Windows、DOS、LINUX系统。

VMware Workstation 5.5.x 5.5.8 build 108000以前版本, VMware Workstation 6.0.x 6.0.5 build 109488以前版本, VMware Player 1.x 1.0.8 build 108000以前版本, VMware Player 2.x 2.0.5 build 109488以前版本, VMware ACE 1.x 1.0.7 build 108880以前版本, VMware ACE 2.x 2.0.5 build 109488以前版本, 和 VMware Server 1.0.7 build 108231 以前版本的某个ActiveX组件存在未知漏洞,对系统有未知的影响和攻击向量。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:

http://www.vmware.com/download/ws/

http://www.vmware.com/download/player/

http://www.vmware.com/download/ace/

http://www.vmware.com/download/server/

参考网址

来源: VUPEN

名称: ADV-2008-2466

链接:http://www.frsirt.com/english/advisories/2008/2466

来源: SECUNIA

名称: 31710

链接:http://secunia.com/advisories/31710

来源: SECUNIA

名称: 31709

链接:http://secunia.com/advisories/31709

来源: SECUNIA

名称: 31708

链接:http://secunia.com/advisories/31708

来源: SECUNIA

名称: 31707

链接:http://secunia.com/advisories/31707

来源: www.vmware.com

链接:http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html

来源: www.vmware.com

链接:http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html

来源: www.vmware.com

链接:http://www.vmware.com/support/server/doc/releasenotes_server.html

来源: www.vmware.com

链接:http://www.vmware.com/support/player2/doc/releasenotes_player2.html

来源: www.vmware.com

链接:http://www.vmware.com/support/player/doc/releasenotes_player.html

来源: www.vmware.com

链接:http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html

来源: www.vmware.com

链接:http://www.vmware.com/support/ace/doc/releasenotes_ace.html

来源: www.vmware.com

链接:http://www.vmware.com/security/advisories/VMSA-2008-0014.html

来源: SECTRACK

名称: 1020791

链接:http://www.securitytracker.com/id?1020791

来源: BID

名称: 30934

链接:http://www.securityfocus.com/bid/30934

来源: BUGTRAQ

名称: 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.

链接:http://www.securityfocus.com/archive/1/archive/1/495869/100/0/threaded

来源: SREASON

名称: 4202

链接:http://securityreason.com/securityalert/4202

来源: FULLDISC

名称: 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.

链接:http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html

补丁

    暂无

漏洞信息快速查询

相关漏洞

更多