QwikSec

Security Database

CVE

CWE

Training

CVE-2010-1138

Published: Apr 12, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_GENTOO

third-party-advisory

x_refsource_SECUNIA

[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues

mailing-list

x_refsource_MLIST

third-party-advisory

x_refsource_SECUNIA

20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_BID

http://www.vmware.com/security/advisories/VMSA-2010-0007.html

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_OSVDB

20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues

mailing-list

x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.