CVE-2011-3868

Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1.4:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.1.4:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:vmware:ams:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:31

Type Values Removed Values Added
References () http://osvdb.org/76060 - () http://osvdb.org/76060 -
References () http://secunia.com/advisories/46241 - () http://secunia.com/advisories/46241 -
References () http://security.gentoo.org/glsa/glsa-201209-25.xml - () http://security.gentoo.org/glsa/glsa-201209-25.xml -
References () http://www.securityfocus.com/archive/1/520005/100/0/threaded - () http://www.securityfocus.com/archive/1/520005/100/0/threaded -
References () http://www.securityfocus.com/bid/49942 - () http://www.securityfocus.com/bid/49942 -
References () http://www.securitytracker.com/id?1026139 - () http://www.securitytracker.com/id?1026139 -
References () http://www.vmware.com/security/advisories/VMSA-2011-0011.html - Patch, Vendor Advisory () http://www.vmware.com/security/advisories/VMSA-2011-0011.html - Patch, Vendor Advisory

Information

Published : 2011-10-07 20:55

Updated : 2024-11-21 01:31


NVD link : CVE-2011-3868

Mitre link : CVE-2011-3868

CVE.ORG link : CVE-2011-3868


JSON object : View

Products Affected

vmware

  • workstation
  • ams
  • player
  • fusion
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer