| CNNVD-ID编号 | CNNVD-200904-257 | CVE编号 | CVE-2009-1244 |
| 发布时间 | 2009-04-13 | 更新时间 | 2009-04-23 |
| 漏洞类型 | 资料不足 | 漏洞来源 | N/A |
| 危险等级 | 中危 | 威胁类型 | 本地 |
| 厂商 | vmware | ||
VMware Workstation 6.5.1及之前版本;VMware Player 2.5.1及之前版本; VMware ACE 2.5.1及之前版本;VMware Server 1.0.9 build 156507之前的1.x版本和2.0.1 build 156745之前的2.x版本;VMware Fusion 2.0.4 build 159196之前版本;VMware ESXi 3.5;VMware ESX 3.0.2,3.0.3和3.5版本中的虚拟机器显示函数存在未明漏洞。子操作系统用户可以借助未知向量,在主操作系统上执行任意代码。
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
VMWare ESXi Server ; 3.5
VMWare ; ESXe350-200904201-O-SG.zip VMware Server Linux client package
http://download3.vmware.com/software/vi/ESXe350-200904201-O-SG.zip
VMWare ESX Server ; 3.5
VMWare ; ESX-1008421.tgz VMware Server Linux client package
http://download3.vmware.com/software/vi/ESX-1008421.tgz
VMWare ; ESX303-200904403-SG.zip
VMware Server Linux client package http://download3.vmware.com/software/vi/ESX303-200904403-SG.zip
VMWare ; ESX350-200904201-SG.zip
VMware Server Linux client package http://download3.vmware.com/software/vi/ESX350-200904201-SG.zip
VMWare Server 1.0.8
VMWare ; VMware-mui-1.0.9-156507.tar.gz Management Interface
http://download3.vmware.com/software/vmserver/VMware-mui-1.0.9-156507. tar.gz
VMWare ; VMware-server-1.0.9-156507.i386.rpm VMware Server for Linux rpm
http://download3.vmware.com/software/vmserver/VMware-server-1.0.9-1565 07.i386.rpm
VMWare ; VMware-server-1.0.9-156507.tar.gz VMware Server for Linux
http://download3.vmware.com/software/vmserver/VMware-server-1.0.9-1565 07.tar.gz
VMWare ; VMware-server-installer-1.0.9-156507.exe
VMware Server for Windows 32-bit and 64-bit http://download3.vmware.com/software/vmserver/VMware-server-installer- 1.0.9-156507.exe
VMWare ; VMware-server-linux-client-1.0.9-156507.zip VMware Server Linux client package
http://download3.vmware.com/software/vmserver/VMware-server-linux-clie nt-1.0.9-156507.zip
VMWare ; VMware-server-win32-client-1.0.9-156507.zip VMware Server Windows client package
http://download3.vmware.com/software/vmserver/VMware-server-win32-clie nt-1.0.9-156507.zip
VMWare Player 2.5.1
VMWare ; VMware-player-2.5.2-156735.exe Player for Windows binary http://download3.vmware.com/software/vmplayer/VMware-player-2.5.2-156735.exe
VMWare ; VMware-Player-2.5.2-156735.i386.bundle Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.2-1567 35.i386.bundle
VMWare ; VMware-Player-2.5.2-156735.i386.rpm Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.2-1567 35.i386.rpm
VMWare ; VMware-Player-2.5.2-156735.x86_64.bundle Player for 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.2-1567 35.x86_64.bundle
VMWare ; VMware-Player-2.5.2-156735.x86_64.rpm Player for 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.2-1567 35.x86_64.rpm
来源: BID
名称: 34471
来源: MLIST
名称: [security-announce] 20090410 VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability
链接:http://lists.vmware.com/pipermail/security-announce/2009/000055.html
来源: XF
名称: vmware-virtualmachine-code-execution(49834)
来源: VUPEN
名称: ADV-2009-0944
来源: www.vmware.com
链接:http://www.vmware.com/security/advisories/VMSA-2009-0006.html
来源: SECTRACK
名称: 1022031
来源: BUGTRAQ
名称: 20090410 VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability
链接:http://www.securityfocus.com/archive/1/archive/1/502615/100/0/threaded
计算
安全
数据库
网络和加速
企业服务
