BID:30934

VMware Multiple ActiveX Controls Multiple Unspecified Security Vulnerabilities

Info

VMware Multiple ActiveX Controls Multiple Unspecified Security Vulnerabilities

Bugtraq ID:	30934
Class:	Unknown
CVE:	CVE-2008-3691 CVE-2008-3692 CVE-2008-3693 CVE-2008-3694 CVE-2008-3695 CVE-2008-3696
Remote:	Yes
Local:	No
Published:	Aug 30 2008 12:00AM
Updated:	Sep 01 2008 07:44PM
Credit:	Julien Bachmann, Shennan Wang, Shinnai, and Michal Bucko
Vulnerable:	VMWare Workstation 6.0.5 build 109488 VMWare Workstation 6.0.5 VMWare Workstation 5.5.8 build 108000 VMWare Workstation 5.5.8 VMWare Server 1.0.7 build 108231 VMWare Server 1.0.7 VMWare Player 2.0.5 build 109488 VMWare Player 2.0.5 VMWare Player 1.0.8 build 108000 VMWare Player 1.0.8 VMWare Fusion 1.1.2 VMWare Fusion 1.1.1 VMWare Fusion 1.1 VMWare Fusion 1.1.2 build 87978 VMWare Fusion 1.0 VMWare ACE 2.0.5 build 109488 VMWare ACE 2.0.5 VMWare ACE 1.0.7 build 108880 VMWare ACE 1.0.7

Not Vulnerable:

Discussion

VMware Multiple ActiveX Controls Multiple Unspecified Security Vulnerabilities

Multiple VMware ActiveX controls are prone to multiple unspecified security issues.

Very little information is known about these issues. We will update this BID as soon as more information becomes available.

Exploit / POC

VMware Multiple ActiveX Controls Multiple Unspecified Security Vulnerabilities

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

VMware Multiple ActiveX Controls Multiple Unspecified Security Vulnerabilities

Solution:
The vendor has released an update. Please see the references for more information.

References

VMware Multiple ActiveX Controls Multiple Unspecified Security Vulnerabilities

References:

Microsoft Knowledge Base Article 240797 (Microsoft)
VMware Homepage (VMware)