VMware Products Java JRE Multiple Code Execution Vulnerabilities
Last Update Date:
28 Jan 2011
Release Date:
2 Feb 2010
4435
Views
RISK: Medium Risk
Multiple vulnerabilities have been identified in various VMware products, which could be exploited by attackers to bypass security restrictions, disclose sensitive information, cause a denial of service, or compromise an affected system. These issues are caused by errors in Java JRE.
System / Technologies affected
- VMware VirtualCenter versions prior to 2.5 Update 6
- VMware VirtualCenter version 2.0.2
- VMware vCenter version 4.0
- VMware Server version 2.0
- VMware ESX version 4.0
- VMware ESX version 3.5
- VMware ESX version 3.0.3
- VMware vMA version 4.0
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Upgrade to VMware VirtualCenter version 2.5 Update 6 :
http://downloads.vmware.com/download/download.do?downloadGroup=VC250U6
Vulnerability Identifier
- CVE-2009-1101
- CVE-2009-1102
- CVE-2009-1103
- CVE-2009-1104
- CVE-2009-1105
- CVE-2009-1106
- CVE-2009-1107
- CVE-2009-2625
- CVE-2009-2670
- CVE-2009-2671
- CVE-2009-2672
- CVE-2009-2673
- CVE-2009-2675
- CVE-2009-2676
- CVE-2009-2716
- CVE-2009-2718
- CVE-2009-2719
- CVE-2009-2720
- CVE-2009-2721
- CVE-2009-2722
- CVE-2009-2723
- CVE-2009-2724
- CVE-2009-3728
- CVE-2009-3729
- CVE-2009-3864
- CVE-2009-3865
- CVE-2009-3866
- CVE-2009-3867
- CVE-2009-3868
- CVE-2009-3869
- CVE-2009-3871
- CVE-2009-3872
- CVE-2009-3873
- CVE-2009-3874
- CVE-2009-3875
- CVE-2009-3876
- CVE-2009-3877
- CVE-2009-3879
- CVE-2009-3880
- CVE-2009-3881
- CVE-2009-3882
- CVE-2009-3883
- CVE-2009-3884
- CVE-2009-3885
- CVE-2009-3886
Source
Related Link
Share with