Rapid7 Vulnerability & Exploit Database

VMware Workstation: UDF file system import remote code execution (VMSA-2011-0011) (CVE-2011-3868)

Back to Search

VMware Workstation: UDF file system import remote code execution (VMSA-2011-0011) (CVE-2011-3868)

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
10/07/2011
Created
07/25/2018
Added
02/18/2014
Modified
05/27/2016

Description

Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.

Solution(s)

  • vmware-workstation-upgrade-7_1_5

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;