VMware Unspecified Buffer Overflow Vulnerability
BID:23322
Info
VMware Unspecified Buffer Overflow Vulnerability
| Bugtraq ID: | 23322 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-1271 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 04 2007 12:00AM |
| Updated: | Apr 06 2007 02:52AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
VMWare ESX Server 3.0.1 VMWare ESX Server 3.0 |
| Not Vulnerable: | |
Discussion
VMware Unspecified Buffer Overflow Vulnerability
VMware is prone to an unspecified buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code with administrative privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial of service.
VMware is prone to an unspecified buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code with administrative privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial of service.
Exploit / POC
VMware Unspecified Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
VMware Unspecified Buffer Overflow Vulnerability
Solution:
The vendor released an update to address this issue. Please see the references for more information.
Solution:
The vendor released an update to address this issue. Please see the references for more information.