Privilege Escalation Vulnerability in multiple VMware products with multiple memory damages

Release date:
Updated on:

Affected Systems:
VMWare Workstation 8.0.2
VMWare Workstation 8.0.1
VMWare Player 4.1.2
VMWare Player 4.1.1
VMWare Player 4.0.2
VMWare Player 4.0.1
VMWare Fusion 4.1.2
VMWare Fusion 4.1.1
VMWare ESX 4.1
VMWare ESX 4.0
VMWare ESX 3.5
VMWare ESXi 1, 5.0
VMWare ESXi 1, 4.1
VMWare ESXi 1, 4.0
VMWare ESXi 1, 3.5
Description:
--------------------------------------------------------------------------------
Bugtraq id: 53369
Cve id: CVE-2012-1516, CVE-2012-1517, CVE-2012-2449, CVE-2012-2450

VMWare is a "Virtual PC" software that enables you to run two or more Windows, DOS, and LINUX systems simultaneously on one machine.

Multiple VMWare products have multiple permission Escalation Vulnerabilities. Local attackers can exploit these vulnerabilities to execute arbitrary code or cause DOS.

<* Source: vendor
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

VMWare
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.vmware.com/security/