ID |
CVE-2009-3282
|
Summary |
Integer overflow in the vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 allows host OS users to cause a denial of service to the host OS via unspecified vectors. Per: http://lists.vmware.com/pipermail/security-announce/2009/000066.html
Solution
Please review the patch/release notes for your product and version
and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Fusion 2.0.6 (for Intel-based Macs): Download including
VMware Fusion and a 12 month complimentary subscription to McAfee
VirusScan Plus 2009
md5sum: d35490aa8caa92e21339c95c77314b2f
sha1sum: 9c41985d754ac718032a47af8a3f98ea28fddb26
VMware Fusion 2.0.6 (for Intel-based Macs): Download including only
VMware Fusion software
md5sum: 2e8d39defdffed224c4bab4218cc6659
sha1sum: 453d54a2f37b257a0aad17c95843305250c7b6ef
|
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:vmware:fusion:1.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:1.0:*:*:*:*:*:*:*
-
cpe:2.3:a:vmware:fusion:1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:vmware:fusion:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:1.1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:vmware:fusion:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:1.1.2:*:*:*:*:*:*:*
-
cpe:2.3:a:vmware:fusion:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:1.1.3:*:*:*:*:*:*:*
-
cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*
-
cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*
-
cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*
-
cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*
-
cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*
-
cpe:2.3:a:vmware:fusion:-:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:-:*:*:*:*:*:*:*
-
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
|
CVSS |
Base: | 7.8 (as of 20-10-2009 - 04:00) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-189 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
refmap
via4
|
|
Last major update |
20-10-2009 - 04:00 |
Published |
16-10-2009 - 16:30 |
Last modified |
20-10-2009 - 04:00 |