VMware Security Advisory List
Sheet1Patch ReleaseBulletin IDKnowledge
BaseKBBuildProductVersionRunning onCVENVDAdvisory NameAdvisory
URLVuln TitleVulnerbility DescriptionWorkaroundsFinder
CompanyFinderCVSS v2 (SCORE) (NIST)CVSSPublishedLast UpdateNot
AffectedvCenter Server4.0WindowsCVE-2011-0726; CVE-2011-1078;
CVE-2011-1079; CVE-2011-1080; CVE-2011-1093; CVE-2011-1163;
CVE-2011-1166; CVE-2011-1170; CVE-2011-1171; CVE-2011-1172;
CVE-2011-1494; CVE-2011-1495; CVE-2011-1577; CVE-2011-1763;
CVE-2010-4649; CVE-2011-0695; CVE-2011-0711; CVE-2011-1044;
CVE-2011-1182; CVE-2011-1573; CVE-2011-1576; CVE-2011-1593;
CVE-2011-1745; CVE-2011-1746; CVE-2011-1776; CVE-2011-1936;
CVE-2011-2022; CVE-2011-2213; CVE-2011-2492; CVE-2011-1780;
CVE-2011-2525; CVE-2011-2689; CVE-2011-2482; CVE-2011-2491;
CVE-2011-2495; CVE-2011-2517; CVE-2011-2519;
CVE-2011-2901ERROR:#VALUE!VMSA-2012-0001AdvESX third party update
for Service Console kernelThe ESX Service Console Operating System
(COS) kernel is updated to kernel-2.6.18-274.3.1.el5 to fix
multiple security issues in the COS kernel.NANA1/30/123/29/12Not
AffectedvCenter Server4.1WindowsCVE-2011-0726; CVE-2011-1078;
CVE-2011-1079; CVE-2011-1080; CVE-2011-1093; CVE-2011-1163;
CVE-2011-1166; CVE-2011-1170; CVE-2011-1171; CVE-2011-1172;
CVE-2011-1494; CVE-2011-1495; CVE-2011-1577; CVE-2011-1763;
CVE-2010-4649; CVE-2011-0695; CVE-2011-0711; CVE-2011-1044;
CVE-2011-1182; CVE-2011-1573; CVE-2011-1576; CVE-2011-1593;
CVE-2011-1745; CVE-2011-1746; CVE-2011-1776; CVE-2011-1936;
CVE-2011-2022; CVE-2011-2213; CVE-2011-2492; CVE-2011-1780;
CVE-2011-2525; CVE-2011-2689; CVE-2011-2482; CVE-2011-2491;
CVE-2011-2495; CVE-2011-2517; CVE-2011-2519;
CVE-2011-2901ERROR:#VALUE!VMSA-2012-0001AdvESX third party update
for Service Console kernelThe ESX Service Console Operating System
(COS) kernel is updated to kernel-2.6.18-274.3.1.el5 to fix
multiple security issues in the COS kernel.NANA1/30/123/29/12Not
AffectedvCenter Server5.0WindowsCVE-2011-0726; CVE-2011-1078;
CVE-2011-1079; CVE-2011-1080; CVE-2011-1093; CVE-2011-1163;
CVE-2011-1166; CVE-2011-1170; CVE-2011-1171; CVE-2011-1172;
CVE-2011-1494; CVE-2011-1495; CVE-2011-1577; CVE-2011-1763;
CVE-2010-4649; CVE-2011-0695; CVE-2011-0711; CVE-2011-1044;
CVE-2011-1182; CVE-2011-1573; CVE-2011-1576; CVE-2011-1593;
CVE-2011-1745; CVE-2011-1746; CVE-2011-1776; CVE-2011-1936;
CVE-2011-2022; CVE-2011-2213; CVE-2011-2492; CVE-2011-1780;
CVE-2011-2525; CVE-2011-2689; CVE-2011-2482; CVE-2011-2491;
CVE-2011-2495; CVE-2011-2517; CVE-2011-2519;
CVE-2011-2901ERROR:#VALUE!VMSA-2012-0001AdvESX third party update
for Service Console kernelThe ESX Service Console Operating System
(COS) kernel is updated to kernel-2.6.18-274.3.1.el5 to fix
multiple security issues in the COS kernel.NANA1/30/123/29/12Not
AffectedESXi3.5ESXiCVE-2011-0726; CVE-2011-1078; CVE-2011-1079;
CVE-2011-1080; CVE-2011-1093; CVE-2011-1163; CVE-2011-1166;
CVE-2011-1170; CVE-2011-1171; CVE-2011-1172; CVE-2011-1494;
CVE-2011-1495; CVE-2011-1577; CVE-2011-1763; CVE-2010-4649;
CVE-2011-0695; CVE-2011-0711; CVE-2011-1044; CVE-2011-1182;
CVE-2011-1573; CVE-2011-1576; CVE-2011-1593; CVE-2011-1745;
CVE-2011-1746; CVE-2011-1776; CVE-2011-1936; CVE-2011-2022;
CVE-2011-2213; CVE-2011-2492; CVE-2011-1780; CVE-2011-2525;
CVE-2011-2689; CVE-2011-2482; CVE-2011-2491; CVE-2011-2495;
CVE-2011-2517; CVE-2011-2519;
CVE-2011-2901ERROR:#VALUE!VMSA-2012-0001AdvESX third party update
for Service Console kernelThe ESX Service Console Operating System
(COS) kernel is updated to kernel-2.6.18-274.3.1.el5 to fix
multiple security issues in the COS kernel.NANA1/30/123/29/12Not
AffectedESXi4.0ESXiCVE-2011-0726; CVE-2011-1078; CVE-2011-1079;
CVE-2011-1080; CVE-2011-1093; CVE-2011-1163; CVE-2011-1166;
CVE-2011-1170; CVE-2011-1171; CVE-2011-1172; CVE-2011-1494;
CVE-2011-1495; CVE-2011-1577; CVE-2011-1763; CVE-2010-4649;
CVE-2011-0695; CVE-2011-0711; CVE-2011-1044; CVE-2011-1182;
CVE-2011-1573; CVE-2011-1576; CVE-2011-1593; CVE-2011-1745;
CVE-2011-1746; CVE-2011-1776; CVE-2011-1936; CVE-2011-2022;
CVE-2011-2213; CVE-2011-2492; CVE-2011-1780; CVE-2011-2525;
CVE-2011-2689; CVE-2011-2482; CVE-2011-2491; CVE-2011-2495;
CVE-2011-2517; CVE-2011-2519;
CVE-2011-2901ERROR:#VALUE!VMSA-2012-0001AdvESX third party update
for Service Console kernelThe ESX Service Console Operating System
(COS) kernel is updated to kernel-2.6.18-274.3.1.el5 to fix
multiple security issues in the COS kernel.NANA1/30/123/29/12Not
AffectedESXi4.1ESXiCVE-2011-0726; CVE-2011-1078; CVE-2011-1079;
CVE-2011-1080; CVE-2011-1093; CVE-2011-1163; CVE-2011-1166;
CVE-2011-1170; CVE-2011-1171; CVE-2011-1172; CVE-2011-1494;
CVE-2011-1495; CVE-2011-1577; CVE-2011-1763; CVE-2010-4649;
CVE-2011-0695; CVE-2011-0711; CVE-2011-1044; CVE-2011-1182;
CVE-2011-1573; CVE-2011-1576; CVE-2011-1593; CVE-2011-1745;
CVE-2011-1746; CVE-2011-1776; CVE-2011-1936; CVE-2011-2022;
CVE-2011-2213; CVE-2011-2492; CVE-2011-1780; CVE-2011-2525;
CVE-2011-2689; CVE-2011-2482; CVE-2011-2491; CVE-2011-2495;
CVE-2011-2517; CVE-2011-2519;
CVE-2011-2901ERROR:#VALUE!VMSA-2012-0001AdvESX third party update
for Service Console kernelThe ESX Service Console Operating System
(COS) kernel is updated to kernel-2.6.18-274.3.1.el5 to fix
multiple security issues in the COS kernel.NANA1/30/123/29/12Not
AffectedESXi5.0ESXiCVE-2011-0726; CVE-2011-1078; CVE-2011-1079;
CVE-2011-1080; CVE-2011-1093; CVE-2011-1163; CVE-2011-1166;
CVE-2011-1170; CVE-2011-1171; CVE-2011-1172; CVE-2011-1494;
CVE-2011-1495; CVE-2011-1577; CVE-2011-1763; CVE-2010-4649;
CVE-2011-0695; CVE-2011-0711; CVE-2011-1044; CVE-2011-1182;
CVE-2011-1573; CVE-2011-1576; CVE-2011-1593; CVE-2011-1745;
CVE-2011-1746; CVE-2011-1776; CVE-2011-1936; CVE-2011-2022;
CVE-2011-2213; CVE-2011-2492; CVE-2011-1780; CVE-2011-2525;
CVE-2011-2689; CVE-2011-2482; CVE-2011-2491; CVE-2011-2495;
CVE-2011-2517; CVE-2011-2519;
CVE-2011-2901ERROR:#VALUE!VMSA-2012-0001AdvESX third party update
for Service Console kernelThe ESX Service Console Operating System
(COS) kernel is updated to kernel-2.6.18-274.3.1.el5 to fix
multiple security issues in the COS kernel.NANA1/30/123/29/12Not
ApplicableESX3.5ESXCVE-2011-0726; CVE-2011-1078; CVE-2011-1079;
CVE-2011-1080; CVE-2011-1093; CVE-2011-1163; CVE-2011-1166;
CVE-2011-1170; CVE-2011-1171; CVE-2011-1172; CVE-2011-1494;
CVE-2011-1495; CVE-2011-1577; CVE-2011-1763; CVE-2010-4649;
CVE-2011-0695; CVE-2011-0711; CVE-2011-1044; CVE-2011-1182;
CVE-2011-1573; CVE-2011-1576; CVE-2011-1593; CVE-2011-1745;
CVE-2011-1746; CVE-2011-1776; CVE-2011-1936; CVE-2011-2022;
CVE-2011-2213; CVE-2011-2492; CVE-2011-1780; CVE-2011-2525;
CVE-2011-2689; CVE-2011-2482; CVE-2011-2491; CVE-2011-2495;
CVE-2011-2517; CVE-2011-2519;
CVE-2011-2901ERROR:#VALUE!VMSA-2012-0001AdvESX third party update
for Service Console kernelThe ESX Service Console Operating System
(COS) kernel is updated to kernel-2.6.18-274.3.1.el5 to fix
multiple security issues in the COS
kernel.NANA1/30/123/29/12ESX400-201203001ESX400-201203401-SG2011767KB660575ESX4.0ESXCVE-2011-0726;
CVE-2011-1078; CVE-2011-1079; CVE-2011-1080; CVE-2011-1093;
CVE-2011-1163; CVE-2011-1166; CVE-2011-1170; CVE-2011-1171;
CVE-2011-1172; CVE-2011-1494; CVE-2011-1495; CVE-2011-1577;
CVE-2011-1763; CVE-2010-4649; CVE-2011-0695; CVE-2011-0711;
CVE-2011-1044; CVE-2011-1182; CVE-2011-1573; CVE-2011-1576;
CVE-2011-1593; CVE-2011-1745; CVE-2011-1746; CVE-2011-1776;
CVE-2011-1936; CVE-2011-2022; CVE-2011-2213; CVE-2011-2492;
CVE-2011-1780; CVE-2011-2525; CVE-2011-2689; CVE-2011-2482;
CVE-2011-2491; CVE-2011-2495; CVE-2011-2517; CVE-2011-2519;
CVE-2011-2901ERROR:#VALUE!VMSA-2012-0001AdvESX third party update
for Service Console kernelThe ESX Service Console Operating System
(COS) kernel is updated to kernel-2.6.18-274.3.1.el5 to fix
multiple security issues in the COS
kernel.NANA1/30/123/29/12ESX400-201203401ESX410-201201401-SG2011767KB660575ESX4.1ESXCVE-2011-0726;
CVE-2011-1078; CVE-2011-1079; CVE-2011-1080; CVE-2011-1093;
CVE-2011-1163; CVE-2011-1166; CVE-2011-1170; CVE-2011-1171;
CVE-2011-1172; CVE-2011-1494; CVE-2011-1495; CVE-2011-1577;
CVE-2011-1763; CVE-2010-4649; CVE-2011-0695; CVE-2011-0711;
CVE-2011-1044; CVE-2011-1182; CVE-2011-1573; CVE-2011-1576;
CVE-2011-1593; CVE-2011-1745; CVE-2011-1746; CVE-2011-1776;
CVE-2011-1936; CVE-2011-2022; CVE-2011-2213; CVE-2011-2492;
CVE-2011-1780; CVE-2011-2525; CVE-2011-2689; CVE-2011-2482;
CVE-2011-2491; CVE-2011-2495; CVE-2011-2517; CVE-2011-2519;
CVE-2011-2901ERROR:#VALUE!VMSA-2012-0001AdvESX third party update
for Service Console kernelThe ESX Service Console Operating System
(COS) kernel is updated to kernel-2.6.18-274.3.1.el5 to fix
multiple security issues in the COS kernel.NANA1/30/123/29/12Not
AffectedvCenter
Server4.0WindowsCVE-2011-2192NVDVMSA-2012-0001AdvESX third party
update for Service Console cURL RPM The ESX Service Console (COS)
curl RPM is updated to cURL-7.15.5.9 resolving a security
issueNANA1/30/123/29/12Not AffectedvCenter
Server4.1WindowsCVE-2011-2192NVDVMSA-2012-0001AdvESX third party
update for Service Console cURL RPM The ESX Service Console (COS)
curl RPM is updated to cURL-7.15.5.9 resolving a security
issueNANA1/30/123/29/12Not AffectedvCenter
Server5.0WindowsCVE-2011-2192NVDVMSA-2012-0001AdvESX third party
update for Service Console cURL RPM The ESX Service Console (COS)
curl RPM is updated to cURL-7.15.5.9 resolving a security
issueNANA1/30/123/29/12Not
AffectedESXi3.5ESXiCVE-2011-2192NVDVMSA-2012-0001AdvESX third party
update for Service Console cURL RPM The ESX Service Console (COS)
curl RPM is updated to cURL-7.15.5.9 resolving a security
issueNANA1/30/123/29/12Not
AffectedESXi4.0ESXiCVE-2011-2192NVDVMSA-2012-0001AdvESX third party
update for Service Console cURL RPM The ESX Service Console (COS)
curl RPM is updated to cURL-7.15.5.9 resolving a security
issueNANA1/30/123/29/12Not
AffectedESXi4.1ESXiCVE-2011-2192NVDVMSA-2012-0001AdvESX third party
update for Service Console cURL RPM The ESX Service Console (COS)
curl RPM is updated to cURL-7.15.5.9 resolving a security
issueNANA1/30/123/29/12Not
AffectedESXi5.0ESXiCVE-2011-2192NVDVMSA-2012-0001AdvESX third party
update for Service Console cURL RPM The ESX Service Console (COS)
curl RPM is updated to cURL-7.15.5.9 resolving a security
issueNANA1/30/123/29/12Not
ApplicableESX3.5ESXCVE-2011-2192NVDVMSA-2012-0001AdvESX third party
update for Service Console cURL RPM The ESX Service Console (COS)
curl RPM is updated to cURL-7.15.5.9 resolving a security
issueNANA1/30/123/29/12ESX400-201203001ESX400-201203403-SG2011767KB660575ESX4.0ESXCVE-2011-2192NVDVMSA-2012-0001AdvESX
third party update for Service Console cURL RPM The ESX Service
Console (COS) curl RPM is updated to cURL-7.15.5.9 resolving a
security
issueNANA4.3AV:N/AC:M/AU:N/C:P/I:N/A:N1/30/123/29/12ESX410-201201001ESX410-201201402-SG2009080KB660575ESX4.1ESXCVE-2011-2192NVDVMSA-2012-0001AdvESX
third party update for Service Console cURL RPM The ESX Service
Console (COS) curl RPM is updated to cURL-7.15.5.9 resolving a
security issueNANA4.3AV:N/AC:M/AU:N/C:P/I:N/A:N1/30/123/29/12Not
AffectedvCenter Server4.0WindowsCVE-2010-2059;
CVE-2011-3378NVDVMSA-2012-0001AdvESX third party update for Service
Console rpm RPMsThe ESX Service Console Operating System (COS) rpm
packages are updated to
popt-1.10.2.3-22.el5_7.2rpm-4.4.2.3-22.el5_7.2rpm-libs-4.4.2.3-22.el5_7.2
and rpm-python-4.4.2.3-22.el5_7.2 which fixes multiple security
issues.NANA1/30/123/29/12Not AffectedvCenter
Server4.1WindowsCVE-2010-2059; CVE-2011-3378NVDVMSA-2012-0001AdvESX
third party update for Service Console rpm RPMsThe ESX Service
Console Operating System (COS) rpm packages are updated to
popt-1.10.2.3-22.el5_7.2rpm-4.4.2.3-22.el5_7.2rpm-libs-4.4.2.3-22.el5_7.2
and rpm-python-4.4.2.3-22.el5_7.2 which fixes multiple security
issues.NANA1/30/123/29/12Not AffectedvCenter
Server5.0WindowsCVE-2010-2059; CVE-2011-3378NVDVMSA-2012-0001AdvESX
third party update for Service Console rpm RPMsThe ESX Service
Console Operating System (COS) rpm packages are updated to
popt-1.10.2.3-22.el5_7.2rpm-4.4.2.3-22.el5_7.2rpm-libs-4.4.2.3-22.el5_7.2
and rpm-python-4.4.2.3-22.el5_7.2 which fixes multiple security
issues.NANA1/30/123/29/12Not AffectedESXi3.5ESXiCVE-2010-2059;
CVE-2011-3378NVDVMSA-2012-0001AdvESX third party update for Service
Console rpm RPMsThe ESX Service Console Operating System (COS) rpm
packages are updated to
popt-1.10.2.3-22.el5_7.2rpm-4.4.2.3-22.el5_7.2rpm-libs-4.4.2.3-22.el5_7.2
and rpm-python-4.4.2.3-22.el5_7.2 which fixes multiple security
issues.NANA1/30/123/29/12Not AffectedESXi4.0ESXiCVE-2010-2059;
CVE-2011-3378NVDVMSA-2012-0001AdvESX third party update for Service
Console rpm RPMsThe ESX Service Console Operating System (COS) rpm
packages are updated to
popt-1.10.2.3-22.el5_7.2rpm-4.4.2.3-22.el5_7.2rpm-libs-4.4.2.3-22.el5_7.2
and rpm-python-4.4.2.3-22.el5_7.2 which fixes multiple security
issues.NANA1/30/123/29/12Not AffectedESXi4.1ESXiCVE-2010-2059;
CVE-2011-3378NVDVMSA-2012-0001AdvESX third party update for Service
Console rpm RPMsThe ESX Service Console Operating System (COS) rpm
packages are updated to
popt-1.10.2.3-22.el5_7.2rpm-4.4.2.3-22.el5_7.2rpm-libs-4.4.2.3-22.el5_7.2
and rpm-python-4.4.2.3-22.el5_7.2 which fixes multiple security
issues.NANA1/30/123/29/12Not AffectedESXi5.1ESXiCVE-2010-2059;
CVE-2011-3378NVDVMSA-2012-0001AdvESX third party update for Service
Console rpm RPMsThe ESX Service Console Operating System (COS) rpm
packages are updated to
popt-1.10.2.3-22.el5_7.2rpm-4.4.2.3-22.el5_7.2rpm-libs-4.4.2.3-22.el5_7.2
and rpm-python-4.4.2.3-22.el5_7.2 which fixes multiple security
issues.NANA1/30/123/29/12Not ApplicableESX3.5ESXCVE-2010-2059;
CVE-2011-3378NVDVMSA-2012-0001AdvESX third party update for Service
Console rpm RPMsThe ESX Service Console Operating System (COS) rpm
packages are updated to
popt-1.10.2.3-22.el5_7.2rpm-4.4.2.3-22.el5_7.2rpm-libs-4.4.2.3-22.el5_7.2
and rpm-python-4.4.2.3-22.el5_7.2 which fixes multiple security
issues.NANA1/30/123/29/12ESX400-201203001ESX400-201203405-SG2011767KB660575ESX4.0ESXCVE-2010-2059;
CVE-2011-3378NVDVMSA-2012-0001AdvESX third party update for Service
Console rpm RPMsThe ESX Service Console Operating System (COS) rpm
packages are updated to
popt-1.10.2.3-22.el5_7.2rpm-4.4.2.3-22.el5_7.2rpm-libs-4.4.2.3-22.el5_7.2
and rpm-python-4.4.2.3-22.el5_7.2 which fixes multiple security
issues.NANA9.3AV:N/AC:M/AU:N/C:C/I:C/A:C1/30/123/29/12ESX410-201201001ESX410-201201406-SG2009080KB660575ESX4.1ESXCVE-2010-2059;
CVE-2011-3378NVDVMSA-2012-0001AdvESX third party update for Service
Console rpm RPMsThe ESX Service Console Operating System (COS) rpm
packages are updated to
popt-1.10.2.3-22.el5_7.2rpm-4.4.2.3-22.el5_7.2rpm-libs-4.4.2.3-22.el5_7.2
and rpm-python-4.4.2.3-22.el5_7.2 which fixes multiple security
issues.NANA9.3AV:N/AC:M/AU:N/C:C/I:C/A:C1/30/123/29/12Not
AffectedvCenter Server4.0WindowsCVE-2010-0547; CVE-2010-0787;
CVE-2011-1678; CVE-2011-2522; CVE-2011-2694NVDVMSA-2012-0001AdvESX
third party update for Service Console samba RPMsThe ESX Service
Console Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not AffectedvCenter
Server4.1WindowsCVE-2010-0547; CVE-2010-0787; CVE-2011-1678;
CVE-2011-2522; CVE-2011-2694NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not AffectedvCenter
Server5.0WindowsCVE-2010-0547; CVE-2010-0787; CVE-2011-1678;
CVE-2011-2522; CVE-2011-2694NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not
AffectedESXi3.5ESXiCVE-2010-0547; CVE-2010-0787; CVE-2011-1678;
CVE-2011-2522; CVE-2011-2694NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not
AffectedESXi4.0ESXiCVE-2010-0547; CVE-2010-0787; CVE-2011-1678;
CVE-2011-2522; CVE-2011-2694NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not
AffectedESXi4.1ESXiCVE-2010-0547; CVE-2010-0787; CVE-2011-1678;
CVE-2011-2522; CVE-2011-2694NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not
AffectedESXi5.0ESXiCVE-2010-0547; CVE-2010-0787; CVE-2011-1678;
CVE-2011-2522; CVE-2011-2694NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not
ApplicableESX3.5ESXCVE-2010-0547; CVE-2010-0787; CVE-2011-1678;
CVE-2011-2522; CVE-2011-2694NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba
client.NANA1/30/123/29/12ESX400-201203001ESX400-201203404-SG2011767KB660575ESX4.0ESXCVE-2010-0547;
CVE-2010-0787; CVE-2011-1678; CVE-2011-2522;
CVE-2011-2694NVDVMSA-2012-0001AdvESX third party update for Service
Console samba RPMsThe ESX Service Console Operating System (COS)
samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba
client.NANA1/30/123/29/12ESX410-201201001ESX410-201201407-SG2009080KB660575ESX4.1ESXCVE-2010-0547;
CVE-2010-0787; CVE-2011-1678; CVE-2011-2522;
CVE-2011-2694NVDVMSA-2012-0001AdvESX third party update for Service
Console samba RPMsThe ESX Service Console Operating System (COS)
samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not AffectedvCenter
Server4.0WindowsCVE-2009-3720; CVE-2010-3493; CVE-2011-1015;
CVE-2011-1521NVDVMSA-2012-0001AdvESX third party update for Service
Console samba RPMsThe ESX Service Console Operating System (COS)
samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not AffectedvCenter
Server4.1WindowsCVE-2009-3720; CVE-2010-3493; CVE-2011-1015;
CVE-2011-1521NVDVMSA-2012-0001AdvESX third party update for Service
Console samba RPMsThe ESX Service Console Operating System (COS)
samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not AffectedvCenter
Server5.0WindowsCVE-2009-3720; CVE-2010-3493; CVE-2011-1015;
CVE-2011-1521NVDVMSA-2012-0001AdvESX third party update for Service
Console samba RPMsThe ESX Service Console Operating System (COS)
samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not
AffectedESXi3.5ESXiCVE-2009-3720; CVE-2010-3493; CVE-2011-1015;
CVE-2011-1521NVDVMSA-2012-0001AdvESX third party update for Service
Console samba RPMsThe ESX Service Console Operating System (COS)
samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not
AffectedESXi4.0ESXiCVE-2009-3720; CVE-2010-3493; CVE-2011-1015;
CVE-2011-1521NVDVMSA-2012-0001AdvESX third party update for Service
Console samba RPMsThe ESX Service Console Operating System (COS)
samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not
AffectedESXi4.1ESXiCVE-2009-3720; CVE-2010-3493; CVE-2011-1015;
CVE-2011-1521NVDVMSA-2012-0001AdvESX third party update for Service
Console samba RPMsThe ESX Service Console Operating System (COS)
samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not
AffectedESXi5.0ESXiCVE-2009-3720; CVE-2010-3493; CVE-2011-1015;
CVE-2011-1521NVDVMSA-2012-0001AdvESX third party update for Service
Console samba RPMsThe ESX Service Console Operating System (COS)
samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not
ApplicableESX3.5ESXCVE-2009-3720; CVE-2010-3493; CVE-2011-1015;
CVE-2011-1521NVDVMSA-2012-0001AdvESX third party update for Service
Console samba RPMsThe ESX Service Console Operating System (COS)
samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba
client.NANA1/30/123/29/12ESX400-201203001ESX400-201203402-SG2011767KB660575ESX4.0ESXCVE-2009-3720;
CVE-2010-3493; CVE-2011-1015; CVE-2011-1521NVDVMSA-2012-0001AdvESX
third party update for Service Console samba RPMsThe ESX Service
Console Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba
client.NANA1/30/123/29/12ESX410-201201001ESX410-201201405-SG2009080KB660575ESX4.1ESXCVE-2009-3720;
CVE-2010-3493; CVE-2011-1015; CVE-2011-1521NVDVMSA-2012-0001AdvESX
third party update for Service Console samba RPMsThe ESX Service
Console Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not AffectedvCenter
Server4.0WindowsCVE-2009-3560; CVE-2009-3720; CVE-2010-1634;
CVE-2010-2089; CVE-2011-1521 NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not AffectedvCenter
Server4.1WindowsCVE-2009-3560; CVE-2009-3720; CVE-2010-1634;
CVE-2010-2089; CVE-2011-1521 NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not AffectedvCenter
Server5.0WindowsCVE-2009-3560; CVE-2009-3720; CVE-2010-1634;
CVE-2010-2089; CVE-2011-1521 NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Patch
PendingESXi3.5ESXiCVE-2009-3560; CVE-2009-3720; CVE-2010-1634;
CVE-2010-2089; CVE-2011-1521 NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba
client.NANA1/30/123/29/12ESXi400-201203001ESXi400-201203401-SG2011768KB660575ESXi4.0ESXiCVE-2009-3560;
CVE-2009-3720; CVE-2010-1634; CVE-2010-2089; CVE-2011-1521
NVDVMSA-2012-0001AdvESX third party update for Service Console
samba RPMsThe ESX Service Console Operating System (COS) samba
packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba
client.NANA1/30/123/29/12ESXi410-201201001ESXi410-201201401-SG2009137KB582267ESXi4.1ESXiCVE-2009-3560;
CVE-2009-3720; CVE-2010-1634; CVE-2010-2089; CVE-2011-1521
NVDVMSA-2012-0001AdvESX third party update for Service Console
samba RPMsThe ESX Service Console Operating System (COS) samba
packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba
client.NANA1/30/123/29/125.0_update01ESXi500-201203101-SG2010823KB608089ESXi5.0ESXiCVE-2009-3560;
CVE-2009-3720; CVE-2010-1634; CVE-2010-2089; CVE-2011-1521
NVDVMSA-2012-0001AdvESX third party update for Service Console
samba RPMsThe ESX Service Console Operating System (COS) samba
packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not
AffectedESX3.5ESXCVE-2009-3560; CVE-2009-3720; CVE-2010-1634;
CVE-2010-2089; CVE-2011-1521 NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not
AffectedESX4.0ESXCVE-2009-3560; CVE-2009-3720; CVE-2010-1634;
CVE-2010-2089; CVE-2011-1521 NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.NANA1/30/123/29/12Not
AffectedESX4.1ESXCVE-2009-3560; CVE-2009-3720; CVE-2010-1634;
CVE-2010-2089; CVE-2011-1521 NVDVMSA-2012-0001AdvESX third party
update for Service Console samba RPMsThe ESX Service Console
Operating System (COS) samba packages are updated to
samba-client-3.0.33-3.29.el5_7.4samba-common-3.0.33-3.29.el5_7.4
and libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba
client.NANA1/30/123/29/12vCenter-CB-2.0.1vCenter-CB-2.0.1-643764643764CBM1.6.2anyCVE-2012-1472NVDVMSA-2012-0002AdvThe
vCenter Chargeback Manager (CBM) contains a flaw in its handling of
XML API requests.This vulnerability allows an unauthenticated
remote attacker to download files from the CBM server or conduct a
denial-of-service against the server. VMware thanks Joshua Keyes
for reporting this issue to us.NANAJoshua
Keyes6.4AV:N/AC:L/AU:N/C:P/I:N/A:P3/8/123/8/12vCenter-CB-2.0.1vCenter-CB-2.0.1-643764643764CBM2.0.0anyCVE-2012-1472NVDVMSA-2012-0002AdvThe
vCenter Chargeback Manager (CBM) contains a flaw in its handling of
XML API requests.This vulnerability allows an unauthenticated
remote attacker to download files from the CBM server or conduct a
denial-of-service against the server. VMware thanks Joshua Keyes
for reporting this issue to us.NANAJoshua
Keyes6.4AV:N/AC:L/AU:N/C:P/I:N/A:P3/8/123/8/12vCenter Server 4.0
Update 4aVMware-VIMSetup-all-4.0.0-818020RNRN818020vCenter
Server4.0WindowsCVE-2011-3548; CVE-2011-3521; CVE-2011-3554;
CVE-2011-3544; CVE-2011-3545; ; CVE-2011-3549; CVE-2011-3551;
CVE-2011-3550; CVE-2011-3516; CVE-2011-3556; CVE-2011-3557;
CVE-2011-3560; CVE-2011-3555; CVE-2011-3546; CVE-2011-3558;
CVE-2011-3547; CVE-2011-3389; CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0003AdvVirtualCenter and
ESXOracle (Sun) JRE update 1.5.0_32Oracle (Sun) JRE is updated to
version 1.5.0_32which addresses multiple security issues that
existed in earlier releases of Oracle(Sun) JRE NANA3/8/129/13/12Not
ApplicablevCenter Server4.1WindowsCVE-2011-3548; CVE-2011-3521;
CVE-2011-3554; CVE-2011-3544; CVE-2011-3545; ; CVE-2011-3549;
CVE-2011-3551; CVE-2011-3550; CVE-2011-3516; CVE-2011-3556;
CVE-2011-3557; CVE-2011-3560; CVE-2011-3555; CVE-2011-3546;
CVE-2011-3558; CVE-2011-3547; CVE-2011-3389; CVE-2011-3553;
CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0003AdvVirtualCenter and
ESXOracle (Sun) JRE update 1.5.0_32Oracle (Sun) JRE is updated to
version 1.5.0_32which addresses multiple security issues that
existed in earlier releases of Oracle(Sun) JRE NANA3/8/129/13/12Not
ApplicablevCenter Server5.0WindowsCVE-2011-3548; CVE-2011-3521;
CVE-2011-3554; CVE-2011-3544; CVE-2011-3545; ; CVE-2011-3549;
CVE-2011-3551; CVE-2011-3550; CVE-2011-3516; CVE-2011-3556;
CVE-2011-3557; CVE-2011-3560; CVE-2011-3555; CVE-2011-3546;
CVE-2011-3558; CVE-2011-3547; CVE-2011-3389; CVE-2011-3553;
CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0003AdvVirtualCenter and
ESXOracle (Sun) JRE update 1.5.0_32Oracle (Sun) JRE is updated to
version 1.5.0_32which addresses multiple security issues that
existed in earlier releases of Oracle(Sun) JRE
NANA3/8/129/13/12VirtualCenter 2.5 Update 6bVirtualCenter 2.5
Update 6b598800VirtualCenter2.5WindowsCVE-2011-3548; CVE-2011-3521;
CVE-2011-3554; CVE-2011-3544; CVE-2011-3545; ; CVE-2011-3549;
CVE-2011-3551; CVE-2011-3550; CVE-2011-3516; CVE-2011-3556;
CVE-2011-3557; CVE-2011-3560; CVE-2011-3555; CVE-2011-3546;
CVE-2011-3558; CVE-2011-3547; CVE-2011-3389; CVE-2011-3553;
CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0003AdvVirtualCenter and
ESXOracle (Sun) JRE update 1.5.0_32Oracle (Sun) JRE is updated to
version 1.5.0_32which addresses multiple security issues that
existed in earlier releases of Oracle(Sun) JRE NANA3/8/129/13/12Not
AffectedESXi3.5ESXiCVE-2011-3548; CVE-2011-3521; CVE-2011-3554;
CVE-2011-3544; CVE-2011-3545; ; CVE-2011-3549; CVE-2011-3551;
CVE-2011-3550; CVE-2011-3516; CVE-2011-3556; CVE-2011-3557;
CVE-2011-3560; CVE-2011-3555; CVE-2011-3546; CVE-2011-3558;
CVE-2011-3547; CVE-2011-3389; CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0003AdvVirtualCenter and
ESXOracle (Sun) JRE update 1.5.0_32Oracle (Sun) JRE is updated to
version 1.5.0_32which addresses multiple security issues that
existed in earlier releases of Oracle(Sun) JRE NANA3/8/129/13/12Not
AffectedESXi4.0ESXiCVE-2011-3548; CVE-2011-3521; CVE-2011-3554;
CVE-2011-3544; CVE-2011-3545; ; CVE-2011-3549; CVE-2011-3551;
CVE-2011-3550; CVE-2011-3516; CVE-2011-3556; CVE-2011-3557;
CVE-2011-3560; CVE-2011-3555; CVE-2011-3546; CVE-2011-3558;
CVE-2011-3547; CVE-2011-3389; CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0003AdvVirtualCenter and
ESXOracle (Sun) JRE update 1.5.0_32Oracle (Sun) JRE is updated to
version 1.5.0_32which addresses multiple security issues that
existed in earlier releases of Oracle(Sun) JRE NANA3/8/129/13/12Not
AffectedESXi4.1ESXiCVE-2011-3548; CVE-2011-3521; CVE-2011-3554;
CVE-2011-3544; CVE-2011-3545; ; CVE-2011-3549; CVE-2011-3551;
CVE-2011-3550; CVE-2011-3516; CVE-2011-3556; CVE-2011-3557;
CVE-2011-3560; CVE-2011-3555; CVE-2011-3546; CVE-2011-3558;
CVE-2011-3547; CVE-2011-3389; CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0003AdvVirtualCenter and
ESXOracle (Sun) JRE update 1.5.0_32Oracle (Sun) JRE is updated to
version 1.5.0_32which addresses multiple security issues that
existed in earlier releases of Oracle(Sun) JRE NANA3/8/129/13/12Not
AffectedESXi5.0ESXiCVE-2011-3548; CVE-2011-3521; CVE-2011-3554;
CVE-2011-3544; CVE-2011-3545; ; CVE-2011-3549; CVE-2011-3551;
CVE-2011-3550; CVE-2011-3516; CVE-2011-3556; CVE-2011-3557;
CVE-2011-3560; CVE-2011-3555; CVE-2011-3546; CVE-2011-3558;
CVE-2011-3547; CVE-2011-3389; CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0003AdvVirtualCenter and
ESXOracle (Sun) JRE update 1.5.0_32Oracle (Sun) JRE is updated to
version 1.5.0_32which addresses multiple security issues that
existed in earlier releases of Oracle(Sun) JRE
NANA3/8/129/13/12ESX350-201203401-SG2009155KB604481ESX3.5ESXCVE-2011-3548;
CVE-2011-3521; CVE-2011-3554; CVE-2011-3544; CVE-2011-3545; ;
CVE-2011-3549; CVE-2011-3551; CVE-2011-3550; CVE-2011-3516;
CVE-2011-3556; CVE-2011-3557; CVE-2011-3560; CVE-2011-3555;
CVE-2011-3546; CVE-2011-3558; CVE-2011-3547; CVE-2011-3389;
CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0003AdvVirtualCenter and
ESXOracle (Sun) JRE update 1.5.0_32Oracle (Sun) JRE is updated to
version 1.5.0_32which addresses multiple security issues that
existed in earlier releases of Oracle(Sun) JRE
NANA3/8/129/13/12ESX400-201209001ESX400-201209402-SG2019661KB787047ESX4.0ESXCVE-2011-3548;
CVE-2011-3521; CVE-2011-3554; CVE-2011-3544; CVE-2011-3545; ;
CVE-2011-3549; CVE-2011-3551; CVE-2011-3550; CVE-2011-3516;
CVE-2011-3556; CVE-2011-3557; CVE-2011-3560; CVE-2011-3555;
CVE-2011-3546; CVE-2011-3558; CVE-2011-3547; CVE-2011-3389;
CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0003AdvVirtualCenter and
ESXOracle (Sun) JRE update 1.5.0_32Oracle (Sun) JRE is updated to
version 1.5.0_32which addresses multiple security issues that
existed in earlier releases of Oracle(Sun) JRE NANA3/8/129/13/12Not
ApplicableESX4.1ESXCVE-2011-3548; CVE-2011-3521; CVE-2011-3554;
CVE-2011-3544; CVE-2011-3545; ; CVE-2011-3549; CVE-2011-3551;
CVE-2011-3550; CVE-2011-3516; CVE-2011-3556; CVE-2011-3557;
CVE-2011-3560; CVE-2011-3555; CVE-2011-3546; CVE-2011-3558;
CVE-2011-3547; CVE-2011-3389; CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0003AdvVirtualCenter and
ESXOracle (Sun) JRE update 1.5.0_32Oracle (Sun) JRE is updated to
version 1.5.0_32which addresses multiple security issues that
existed in earlier releases of Oracle(Sun) JRE NANA3/8/129/13/12Not
AffectedView5.0WindowsCVE-2012-1509; CVE-2012-1510; CVE-2012-1508
NVDVMSA-2012-0004AdvVirtualCenter and ESXOracle (Sun) JRE update
1.5.0_32Oracle (Sun) JRE is updated to version 1.5.0_32which
addresses multiple security issues that existed in earlier releases
of Oracle(Sun) JRE NANA3/15/123/15/12View 4.6.1View
4.6.1RNRN640196View4.6WindowsCVE-2012-1509; CVE-2012-1510;
CVE-2012-1508 NVDVMSA-2012-0004AdvVirtualCenter and ESXOracle (Sun)
JRE update 1.5.0_32Oracle (Sun) JRE is updated to version
1.5.0_32which addresses multiple security issues that existed in
earlier releases of Oracle(Sun) JRE NANA3/15/123/15/12No Patch
PlannedView4.0WindowsCVE-2012-1509; CVE-2012-1510; CVE-2012-1508
NVDVMSA-2012-0004AdvVirtualCenter and ESXOracle (Sun) JRE update
1.5.0_32Oracle (Sun) JRE is updated to version 1.5.0_32which
addresses multiple security issues that existed in earlier releases
of Oracle(Sun) JRE NANA3/15/123/15/12Not
AffectedView5.0WindowsCVE-2012-1511NVDVMSA-2012-0004AdvVMware
Virtual Desktop Display Driver Privilege EscalationThe VMware XPDM
and WDDM display drivers contain buffer overflow vulnerabilities
and the XPDM display driver does not properly check for NULL
pointers. Exploitation of these issues may lead to local privilege
escalation on View virtual desktops.NANATarjei
Mandt3/15/123/15/12View 4.6.1View
4.6.1RNRN640196View4.6WindowsCVE-2012-1511NVDVMSA-2012-0004AdvVMware
Virtual Desktop Display Driver Privilege EscalationThe VMware XPDM
and WDDM display drivers contain buffer overflow vulnerabilities
and the XPDM display driver does not properly check for NULL
pointers. Exploitation of these issues may lead to local privilege
escalation on View virtual desktops.NANATarjei
Mandt4.3AV:N/AC:M/AU:N/C:N/I:P/A:N3/15/123/15/12No Patch
PlannedView4.0WindowsCVE-2012-1511NVDVMSA-2012-0004AdvVMware
Virtual Desktop Display Driver Privilege EscalationThe VMware XPDM
and WDDM display drivers contain buffer overflow vulnerabilities
and the XPDM display driver does not properly check for NULL
pointers. Exploitation of these issues may lead to local privilege
escalation on View virtual desktops.NANATarjei
Mandt4.3AV:N/AC:M/AU:N/C:N/I:P/A:N3/15/123/15/12Not AffectedvCenter
Server4.0WindowsCVE-2012-1509; CVE-2012-1510;
CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools Display Driver
Privilege EscalationThe VMware XPDM and WDDM display drivers
contain buffer overflow vulnerabilities and the XPDM display driver
does not properly check for NULL pointers. Exploitation of these
issues may lead to local privilege escalation on Windows-based
Guest Operating Systems.NANATarjei Mandt3/15/1212/20/12Not
AffectedvCenter Server4.1WindowsCVE-2012-1509; CVE-2012-1510;
CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools Display Driver
Privilege EscalationThe VMware XPDM and WDDM display drivers
contain buffer overflow vulnerabilities and the XPDM display driver
does not properly check for NULL pointers. Exploitation of these
issues may lead to local privilege escalation on Windows-based
Guest Operating Systems.NANATarjei Mandt3/15/1212/20/12Not
AffectedvCenter Server5.0WindowsCVE-2012-1509; CVE-2012-1510;
CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools Display Driver
Privilege EscalationThe VMware XPDM and WDDM display drivers
contain buffer overflow vulnerabilities and the XPDM display driver
does not properly check for NULL pointers. Exploitation of these
issues may lead to local privilege escalation on Windows-based
Guest Operating Systems.NANATarjei Mandt3/15/1212/20/12Not
AffectedWorkstation8.0anyCVE-2012-1509; CVE-2012-1510;
CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools Display Driver
Privilege EscalationThe VMware XPDM and WDDM display drivers
contain buffer overflow vulnerabilities and the XPDM display driver
does not properly check for NULL pointers. Exploitation of these
issues may lead to local privilege escalation on Windows-based
Guest Operating Systems.NANATarjei Mandt3/15/1212/20/12Workstation
7.1.47.1.4RNRN491717Workstation7.0anyCVE-2012-1509; CVE-2012-1510;
CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools Display Driver
Privilege EscalationThe VMware XPDM and WDDM display drivers
contain buffer overflow vulnerabilities and the XPDM display driver
does not properly check for NULL pointers. Exploitation of these
issues may lead to local privilege escalation on Windows-based
Guest Operating Systems.NANATarjei Mandt3/15/1212/20/12Not
AffectedPlayer4.0anyCVE-2012-1509; CVE-2012-1510;
CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools Display Driver
Privilege EscalationThe VMware XPDM and WDDM display drivers
contain buffer overflow vulnerabilities and the XPDM display driver
does not properly check for NULL pointers. Exploitation of these
issues may lead to local privilege escalation on Windows-based
Guest Operating Systems.NANATarjei Mandt3/15/1212/20/12Player
3.1.43.1.4Player3.0anyCVE-2012-1509; CVE-2012-1510;
CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools Display Driver
Privilege EscalationThe VMware XPDM and WDDM display drivers
contain buffer overflow vulnerabilities and the XPDM display driver
does not properly check for NULL pointers. Exploitation of these
issues may lead to local privilege escalation on Windows-based
Guest Operating Systems.NANATarjei Mandt3/15/1212/20/12Not
AffectedFusion4.0MacCVE-2012-1509; CVE-2012-1510;
CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools Display Driver
Privilege EscalationThe VMware XPDM and WDDM display drivers
contain buffer overflow vulnerabilities and the XPDM display driver
does not properly check for NULL pointers. Exploitation of these
issues may lead to local privilege escalation on Windows-based
Guest Operating Systems.NANATarjei Mandt3/15/1212/20/12Not
AffectedESXi3.5ESXiCVE-2012-1509; CVE-2012-1510;
CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools Display Driver
Privilege EscalationThe VMware XPDM and WDDM display drivers
contain buffer overflow vulnerabilities and the XPDM display driver
does not properly check for NULL pointers. Exploitation of these
issues may lead to local privilege escalation on Windows-based
Guest Operating Systems.NANATarjei
Mandt3/15/1212/20/12ESXi400-201110001ESXi400-201110402-BG1039199KB480973ESXi4.0ESXiCVE-2012-1509;
CVE-2012-1510; CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools
Display Driver Privilege EscalationThe VMware XPDM and WDDM display
drivers contain buffer overflow vulnerabilities and the XPDM
display driver does not properly check for NULL pointers.
Exploitation of these issues may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATarjei
Mandt3/15/1212/20/124.1_update02ESXi410-201110202-UG2002341KB502767ESXi4.1ESXiCVE-2012-1509;
CVE-2012-1510; CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools
Display Driver Privilege EscalationThe VMware XPDM and WDDM display
drivers contain buffer overflow vulnerabilities and the XPDM
display driver does not properly check for NULL pointers.
Exploitation of these issues may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATarjei
Mandt3/15/1212/20/12ESXi500-201112001ESXi500-201112402-BG2007672KB515841ESXi5.0ESXiCVE-2012-1509;
CVE-2012-1510; CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools
Display Driver Privilege EscalationThe VMware XPDM and WDDM display
drivers contain buffer overflow vulnerabilities and the XPDM
display driver does not properly check for NULL pointers.
Exploitation of these issues may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATarjei
Mandt3/15/1212/20/12Not AffectedESX3.5ESXCVE-2012-1509;
CVE-2012-1510; CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools
Display Driver Privilege EscalationThe VMware XPDM and WDDM display
drivers contain buffer overflow vulnerabilities and the XPDM
display driver does not properly check for NULL pointers.
Exploitation of these issues may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATarjei
Mandt3/15/1212/20/12ESX400-201209001ESX400-201110401-SG2019661KB480973ESX4.0ESXCVE-2012-1509;
CVE-2012-1510; CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools
Display Driver Privilege EscalationThe VMware XPDM and WDDM display
drivers contain buffer overflow vulnerabilities and the XPDM
display driver does not properly check for NULL pointers.
Exploitation of these issues may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATarjei
Mandt3/15/1212/20/124.1_update3ESX410-201110201-SG2020362KB811144ESX4.1ESXCVE-2012-1509;
CVE-2012-1510; CVE-2012-1508NVDVMSA-2012-0005AdvVMware Tools
Display Driver Privilege EscalationThe VMware XPDM and WDDM display
drivers contain buffer overflow vulnerabilities and the XPDM
display driver does not properly check for NULL pointers.
Exploitation of these issues may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATarjei
Mandt3/15/1212/20/12vCO 4.2 Update
1vCO4.2WindowsCVE-2012-1513NVDVMSA-2012-0005AdvvCenter Orchestrator
Password DisclosureThe vCenter Orchestrator (vCO) Web Configuration
tool reflects back the vCenter Server password as part of the
webpage. This might allow the logged-in vCO administrator to
retrieve the vCenter Server password. NADigital Security Research
GroupAlexey Sintsov4.0AV:N/AC:L/AU:S/C:P/I:N/A:N3/15/1212/20/12vCO
4.1 Update 2vCO4.1WindowsCVE-2012-1513NVDVMSA-2012-0005AdvvCenter
Orchestrator Password DisclosureThe vCenter Orchestrator (vCO) Web
Configuration tool reflects back the vCenter Server password as
part of the webpage. This might allow the logged-in vCO
administrator to retrieve the vCenter Server password. NADigital
Security Research GroupAlexey
Sintsov4.0AV:N/AC:L/AU:S/C:P/I:N/A:N3/15/1212/20/12vCO 4.0 Update
4vCO4.0WindowsCVE-2012-1513NVDVMSA-2012-0005AdvvCenter Orchestrator
Password DisclosureThe vCenter Orchestrator (vCO) Web Configuration
tool reflects back the vCenter Server password as part of the
webpage. This might allow the logged-in vCO administrator to
retrieve the vCenter Server password. NADigital Security Research
GroupAlexey Sintsov4.0AV:N/AC:L/AU:S/C:P/I:N/A:N3/15/1212/20/12Not
AffectedvSM5.0LinuxCVE-2012-1514NVDVMSA-2012-0005AdvvShield Manager
Cross-Site Request Forgery vulnerabilityThThe vShield Manager (vSM)
interface has a Cross-Site Request Forgery vulnerability. If an
attacker can convince an authenticated user to visit a malicious
linkthe attacker may force the victim to forward an authenticated
request to the server. - See more at: The vShield Manager (vSM)
interface has a Cross-Site Request Forgery vulnerability. If an
attacker can convince an authenticated user to visit a malicious
linkthe attacker may force the victim to forward an authenticated
request to the server. NAXxor ABFrans Pehrson and Claudio
Criscione3/15/1212/20/12vSM 4.1.0 Update
2RNRN576124vSM4.1LinuxCVE-2012-1514NVDVMSA-2012-0005AdvvShield
Manager Cross-Site Request Forgery vulnerabilityThThe vShield
Manager (vSM) interface has a Cross-Site Request Forgery
vulnerability. If an attacker can convince an authenticated user to
visit a malicious linkthe attacker may force the victim to forward
an authenticated request to the server. - See more at: The vShield
Manager (vSM) interface has a Cross-Site Request Forgery
vulnerability. If an attacker can convince an authenticated user to
visit a malicious linkthe attacker may force the victim to forward
an authenticated request to the server. NAXxor ABFrans Pehrson and
Claudio Criscione6.8AV:N/AC:M/AU:N/C:P/I:P/A:P3/15/1212/20/12vSM
4.0.1 Update
2RNRN638154vSM4.0LinuxCVE-2012-1514NVDVMSA-2012-0005AdvvShield
Manager Cross-Site Request Forgery vulnerabilityThThe vShield
Manager (vSM) interface has a Cross-Site Request Forgery
vulnerability. If an attacker can convince an authenticated user to
visit a malicious linkthe attacker may force the victim to forward
an authenticated request to the server. - See more at: The vShield
Manager (vSM) interface has a Cross-Site Request Forgery
vulnerability. If an attacker can convince an authenticated user to
visit a malicious linkthe attacker may force the victim to forward
an authenticated request to the server. NAXxor ABFrans Pehrson and
Claudio Criscione6.8AV:N/AC:M/AU:N/C:P/I:P/A:P3/15/1212/20/12Not
ApplicablevCenter Server4.0WindowsCVE-2011-3548; CVE-2011-3521;
CVE-2011-3554; CVE-2011-3544; CVE-2011-3545; CVE-2011-3549;
CVE-2011-3551; CVE-2011-3550; CVE-2011-3516; CVE-2011-3556;
CVE-2011-3557; CVE-2011-3560; CVE-2011-3555; CVE-2011-3546;
CVE-2011-3558; CVE-2011-3547; CVE-2011-3389; CVE-2011-3553;
CVE-2011-3552; CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter
Update ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is
updated to version 1.6.0_30which addresses multiple security issues
that existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12vCenter Server 4.1 Update
3VMware-VIMSetup-all-4.1.0-816786RNRNvCenter
Server4.1WindowsCVE-2011-3548; CVE-2011-3521; CVE-2011-3554;
CVE-2011-3544; CVE-2011-3545; CVE-2011-3549; CVE-2011-3551;
CVE-2011-3550; CVE-2011-3516; CVE-2011-3556; CVE-2011-3557;
CVE-2011-3560; CVE-2011-3555; CVE-2011-3546; CVE-2011-3558;
CVE-2011-3547; CVE-2011-3389; CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter Update
ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is updated
to version 1.6.0_30which addresses multiple security issues that
existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12vCenter Server 5.0 Update 2vCenter Server
5.0 Update 2RNRNvCenter Server5.0WindowsCVE-2011-3548;
CVE-2011-3521; CVE-2011-3554; CVE-2011-3544; CVE-2011-3545;
CVE-2011-3549; CVE-2011-3551; CVE-2011-3550; CVE-2011-3516;
CVE-2011-3556; CVE-2011-3557; CVE-2011-3560; CVE-2011-3555;
CVE-2011-3546; CVE-2011-3558; CVE-2011-3547; CVE-2011-3389;
CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter Update
ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is updated
to version 1.6.0_30which addresses multiple security issues that
existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12Not
ApplicableVirtualCenter2.5WindowsCVE-2011-3548; CVE-2011-3521;
CVE-2011-3554; CVE-2011-3544; CVE-2011-3545; CVE-2011-3549;
CVE-2011-3551; CVE-2011-3550; CVE-2011-3516; CVE-2011-3556;
CVE-2011-3557; CVE-2011-3560; CVE-2011-3555; CVE-2011-3546;
CVE-2011-3558; CVE-2011-3547; CVE-2011-3389; CVE-2011-3553;
CVE-2011-3552; CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter
Update ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is
updated to version 1.6.0_30which addresses multiple security issues
that existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12Update Manager 5.0 Update 1Update
Manager5.0WindowsCVE-2011-3548; CVE-2011-3521; CVE-2011-3554;
CVE-2011-3544; CVE-2011-3545; CVE-2011-3549; CVE-2011-3551;
CVE-2011-3550; CVE-2011-3516; CVE-2011-3556; CVE-2011-3557;
CVE-2011-3560; CVE-2011-3555; CVE-2011-3546; CVE-2011-3558;
CVE-2011-3547; CVE-2011-3389; CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter Update
ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is updated
to version 1.6.0_30which addresses multiple security issues that
existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12Not ApplicableUpdate
Manager4.1WindowsCVE-2011-3548; CVE-2011-3521; CVE-2011-3554;
CVE-2011-3544; CVE-2011-3545; CVE-2011-3549; CVE-2011-3551;
CVE-2011-3550; CVE-2011-3516; CVE-2011-3556; CVE-2011-3557;
CVE-2011-3560; CVE-2011-3555; CVE-2011-3546; CVE-2011-3558;
CVE-2011-3547; CVE-2011-3389; CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter Update
ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is updated
to version 1.6.0_30which addresses multiple security issues that
existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12Not ApplicableUpdate
Manager4.0WindowsCVE-2011-3548; CVE-2011-3521; CVE-2011-3554;
CVE-2011-3544; CVE-2011-3545; CVE-2011-3549; CVE-2011-3551;
CVE-2011-3550; CVE-2011-3516; CVE-2011-3556; CVE-2011-3557;
CVE-2011-3560; CVE-2011-3555; CVE-2011-3546; CVE-2011-3558;
CVE-2011-3547; CVE-2011-3389; CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter Update
ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is updated
to version 1.6.0_30which addresses multiple security issues that
existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12Not ApplicableESXi3.5ESXiCVE-2011-3548;
CVE-2011-3521; CVE-2011-3554; CVE-2011-3544; CVE-2011-3545;
CVE-2011-3549; CVE-2011-3551; CVE-2011-3550; CVE-2011-3516;
CVE-2011-3556; CVE-2011-3557; CVE-2011-3560; CVE-2011-3555;
CVE-2011-3546; CVE-2011-3558; CVE-2011-3547; CVE-2011-3389;
CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter Update
ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is updated
to version 1.6.0_30which addresses multiple security issues that
existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12Not ApplicableESXi4.0ESXiCVE-2011-3548;
CVE-2011-3521; CVE-2011-3554; CVE-2011-3544; CVE-2011-3545;
CVE-2011-3549; CVE-2011-3551; CVE-2011-3550; CVE-2011-3516;
CVE-2011-3556; CVE-2011-3557; CVE-2011-3560; CVE-2011-3555;
CVE-2011-3546; CVE-2011-3558; CVE-2011-3547; CVE-2011-3389;
CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter Update
ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is updated
to version 1.6.0_30which addresses multiple security issues that
existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12Not ApplicableESXi4.1ESXiCVE-2011-3548;
CVE-2011-3521; CVE-2011-3554; CVE-2011-3544; CVE-2011-3545;
CVE-2011-3549; CVE-2011-3551; CVE-2011-3550; CVE-2011-3516;
CVE-2011-3556; CVE-2011-3557; CVE-2011-3560; CVE-2011-3555;
CVE-2011-3546; CVE-2011-3558; CVE-2011-3547; CVE-2011-3389;
CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter Update
ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is updated
to version 1.6.0_30which addresses multiple security issues that
existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12Not ApplicableESXi5.0ESXiCVE-2011-3548;
CVE-2011-3521; CVE-2011-3554; CVE-2011-3544; CVE-2011-3545;
CVE-2011-3549; CVE-2011-3551; CVE-2011-3550; CVE-2011-3516;
CVE-2011-3556; CVE-2011-3557; CVE-2011-3560; CVE-2011-3555;
CVE-2011-3546; CVE-2011-3558; CVE-2011-3547; CVE-2011-3389;
CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter Update
ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is updated
to version 1.6.0_30which addresses multiple security issues that
existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12Not ApplicableESX3.5ESXCVE-2011-3548;
CVE-2011-3521; CVE-2011-3554; CVE-2011-3544; CVE-2011-3545;
CVE-2011-3549; CVE-2011-3551; CVE-2011-3550; CVE-2011-3516;
CVE-2011-3556; CVE-2011-3557; CVE-2011-3560; CVE-2011-3555;
CVE-2011-3546; CVE-2011-3558; CVE-2011-3547; CVE-2011-3389;
CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter Update
ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is updated
to version 1.6.0_30which addresses multiple security issues that
existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12Not ApplicableESX4.0ESXCVE-2011-3548;
CVE-2011-3521; CVE-2011-3554; CVE-2011-3544; CVE-2011-3545;
CVE-2011-3549; CVE-2011-3551; CVE-2011-3550; CVE-2011-3516;
CVE-2011-3556; CVE-2011-3557; CVE-2011-3560; CVE-2011-3555;
CVE-2011-3546; CVE-2011-3558; CVE-2011-3547; CVE-2011-3389;
CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter Update
ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is updated
to version 1.6.0_30which addresses multiple security issues that
existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12update-from-esxi4.1-4.1_update03ESX410-201208101-SG2020373KB811144ESX4.1ESXCVE-2011-3548;
CVE-2011-3521; CVE-2011-3554; CVE-2011-3544; CVE-2011-3545;
CVE-2011-3549; CVE-2011-3551; CVE-2011-3550; CVE-2011-3516;
CVE-2011-3556; CVE-2011-3557; CVE-2011-3560; CVE-2011-3555;
CVE-2011-3546; CVE-2011-3558; CVE-2011-3547; CVE-2011-3389;
CVE-2011-3553; CVE-2011-3552;
CVE-2011-3561ERROR:#VALUE!VMSA-2012-0005AdvvCenter Update
ManagerOracle (Sun) JRE update 1.6.0_30Oracle (Sun) JRE is updated
to version 1.6.0_30which addresses multiple security issues that
existed in earlier releases of Oracle (Sun)
JRE.NANANA3/15/1212/20/12vCenter 4.0 Update 4aRNRN818020vCenter
Server4.0WindowsCVE-2011-3190; CVE-2011-3375;
CVE-2012-0022NVDVMSA-2012-0005AdvvCenter Server Apache Tomcat
update 6.0.35Apache Tomcat has been updated to version 6.0.35 to
address multiple security issues.NANANA3/15/1212/20/12vCenter 4.1
Update 3RNRN816786vCenter Server4.1WindowsCVE-2011-3190;
CVE-2011-3375; CVE-2012-0022NVDVMSA-2012-0005AdvvCenter Server
Apache Tomcat update 6.0.35Apache Tomcat has been updated to
version 6.0.35 to address multiple security
issues.NANANA3/15/1212/20/12vCenter 5.0 Update 1RNRN639890vCenter
Server5.0WindowsCVE-2011-3190; CVE-2011-3375;
CVE-2012-0022NVDVMSA-2012-0005AdvvCenter Server Apache Tomcat
update 6.0.35Apache Tomcat has been updated to version 6.0.35 to
address multiple security issues.NANANA3/15/1212/20/12Not
ApplicableVirtualCenter2.5WindowsCVE-2011-3190; CVE-2011-3375;
CVE-2012-0022NVDVMSA-2012-0005AdvvCenter Server Apache Tomcat
update 6.0.35Apache Tomcat has been updated to version 6.0.35 to
address multiple security issues.NANANA3/15/1212/20/12Not
ApplicableESXi3.5ESXiCVE-2011-3190; CVE-2011-3375;
CVE-2012-0022NVDVMSA-2012-0005AdvvCenter Server Apache Tomcat
update 6.0.35Apache Tomcat has been updated to version 6.0.35 to
address multiple security issues.NANANA3/15/1212/20/12Not
ApplicableESXi4.0ESXiCVE-2011-3190; CVE-2011-3375;
CVE-2012-0022NVDVMSA-2012-0005AdvvCenter Server Apache Tomcat
update 6.0.35Apache Tomcat has been updated to version 6.0.35 to
address multiple security issues.NANANA3/15/1212/20/12Not
ApplicableESXi4.1ESXiCVE-2011-3190; CVE-2011-3375;
CVE-2012-0022NVDVMSA-2012-0005AdvvCenter Server Apache Tomcat
update 6.0.35Apache Tomcat has been updated to version 6.0.35 to
address multiple security issues.NANANA3/15/1212/20/12Not
ApplicableESXi5.0ESXiCVE-2011-3190; CVE-2011-3375;
CVE-2012-0022NVDVMSA-2012-0005AdvvCenter Server Apache Tomcat
update 6.0.35Apache Tomcat has been updated to version 6.0.35 to
address multiple security issues.NANANA3/15/1212/20/12Not
ApplicableESX3.5ESXCVE-2011-3190; CVE-2011-3375;
CVE-2012-0022NVDVMSA-2012-0005AdvvCenter Server Apache Tomcat
update 6.0.35Apache Tomcat has been updated to version 6.0.35 to
address multiple security
issues.NANANA3/15/1212/20/12ESX400-201209001ESX400-201209401-SG1039199KB480973ESX4.0ESXCVE-2011-3190;
CVE-2011-3375; CVE-2012-0022NVDVMSA-2012-0005AdvvCenter Server
Apache Tomcat update 6.0.35Apache Tomcat has been updated to
version 6.0.35 to address multiple security
issues.NANANA3/15/1212/20/124.1_update3ESX410-201208101-SG2020362KB811144ESX4.1ESXCVE-2011-3190;
CVE-2011-3375; CVE-2012-0022NVDVMSA-2012-0005AdvvCenter Server
Apache Tomcat update 6.0.35Apache Tomcat has been updated to
version 6.0.35 to address multiple security
issues.NANANA3/15/1212/20/12Not AffectedvCenter
Server4.0WindowsCVE-2010-0405NVDVMSA-2012-0005AdvESXi update to
third party component bzip2The bzip2 library is updated to version
1.0.6which resolves a security issue. - NANANA3/15/1212/20/12Not
AffectedvCenter
Server4.1WindowsCVE-2010-0405NVDVMSA-2012-0005AdvESXi update to
third party component bzip2The bzip2 library is updated to version
1.0.6which resolves a security issue. - NANANA3/15/1212/20/12Not
AffectedvCenter
Server5.0WindowsCVE-2010-0405NVDVMSA-2012-0005AdvESXi update to
third party component bzip2The bzip2 library is updated to version
1.0.6which resolves a security issue. - NANANA3/15/1212/20/12Not
AffectedVirtualCenter2.5WindowsCVE-2010-0405NVDVMSA-2012-0005AdvESXi
update to third party component bzip2The bzip2 library is updated
to version 1.0.6which resolves a security issue. -
NANANA3/15/1212/20/12Not
AffectedESXi3.5ESXiCVE-2010-0405NVDVMSA-2012-0005AdvESXi update to
third party component bzip2The bzip2 library is updated to version
1.0.6which resolves a security issue. - NANANA3/15/1212/20/12Not
AffectedESXi4.0ESXiCVE-2010-0405NVDVMSA-2012-0005AdvESXi update to
third party component bzip2The bzip2 library is updated to version
1.0.6which resolves a security issue. - NANANA3/15/1212/20/12Not
AffectedESXi4.1ESXiCVE-2010-0405NVDVMSA-2012-0005AdvESXi update to
third party component bzip2The bzip2 library is updated to version
1.0.6which resolves a security issue. -
NANANA3/15/1212/20/125.0_update01ESXi500-201203101-SG2011432KB608089ESXi5.0ESXiCVE-2010-0405NVDVMSA-2012-0005AdvESXi
update to third party component bzip2The bzip2 library is updated
to version 1.0.6which resolves a security issue. -
NANANA5.1AV:N/AC:H/AU:N/C:P/I:P/A:P3/15/1212/20/12Not
ApplicableESX3.5ESXCVE-2010-0405NVDVMSA-2012-0005AdvESXi update to
third party component bzip2The bzip2 library is updated to version
1.0.6which resolves a security issue. - NANANA3/15/1212/20/12Not
ApplicableESX4.0ESXCVE-2010-0405NVDVMSA-2012-0005AdvESXi update to
third party component bzip2The bzip2 library is updated to version
1.0.6which resolves a security issue. - NANANA3/15/1212/20/12Not
ApplicableESX4.1ESXCVE-2010-0405NVDVMSA-2012-0005AdvESXi update to
third party component bzip2The bzip2 library is updated to version
1.0.6which resolves a security issue. - NANANA3/15/1212/20/12Not
AffectedvCenter
Server4.0WindowsCVE-2012-1515NVDVMSA-2012-0006AdvVMware ROM
Overwrite Privilege EscalationA flaw in the way port-based I/O is
handled allows for modifying Read-Only Memory that belongs to the
Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder3/29/126/13/12Not AffectedvCenter
Server4.1WindowsCVE-2012-1515NVDVMSA-2012-0006AdvVMware ROM
Overwrite Privilege EscalationA flaw in the way port-based I/O is
handled allows for modifying Read-Only Memory that belongs to the
Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder3/29/126/13/12Not AffectedvCenter
Server5.0WindowsCVE-2012-1515NVDVMSA-2012-0006AdvVMware ROM
Overwrite Privilege EscalationA flaw in the way port-based I/O is
handled allows for modifying Read-Only Memory that belongs to the
Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder3/29/126/13/12Not
AffectedWorkstation8.0anyCVE-2012-1515NVDVMSA-2012-0006AdvVMware
ROM Overwrite Privilege EscalationA flaw in the way port-based I/O
is handled allows for modifying Read-Only Memory that belongs to
the Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder3/29/126/13/12Workstation
7.1.27.1.2Workstation7.0anyCVE-2012-1515NVDVMSA-2012-0006AdvVMware
ROM Overwrite Privilege EscalationA flaw in the way port-based I/O
is handled allows for modifying Read-Only Memory that belongs to
the Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder8.3AV:A/AC:L/AU:N/C:C/I:C/A:C3/29/126/13/12Not
AffectedPlayer4.0anyCVE-2012-1515NVDVMSA-2012-0006AdvVMware ROM
Overwrite Privilege EscalationA flaw in the way port-based I/O is
handled allows for modifying Read-Only Memory that belongs to the
Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder3/29/126/13/12Player
3.1.23.1.2Player3.0anyCVE-2012-1515NVDVMSA-2012-0006AdvVMware ROM
Overwrite Privilege EscalationA flaw in the way port-based I/O is
handled allows for modifying Read-Only Memory that belongs to the
Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder8.3AV:A/AC:L/AU:N/C:C/I:C/A:C3/29/126/13/12Not
AffectedFusion4.0MacCVE-2012-1515NVDVMSA-2012-0006AdvVMware ROM
Overwrite Privilege EscalationA flaw in the way port-based I/O is
handled allows for modifying Read-Only Memory that belongs to the
Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder3/29/126/13/12ESXe350-201203401-O-SGESXe350-201203401-I-SG2009160KB604481ESXi3.5ESXiCVE-2012-1515NVDVMSA-2012-0006AdvVMware
ROM Overwrite Privilege EscalationA flaw in the way port-based I/O
is handled allows for modifying Read-Only Memory that belongs to
the Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder8.3AV:A/AC:L/AU:N/C:C/I:C/A:C3/29/126/13/12ESXi400-201203001ESXi400-201203401-SG2011777KB660575ESXi4.0ESXiCVE-2012-1515NVDVMSA-2012-0006AdvVMware
ROM Overwrite Privilege EscalationA flaw in the way port-based I/O
is handled allows for modifying Read-Only Memory that belongs to
the Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder8.3AV:A/AC:L/AU:N/C:C/I:C/A:C3/29/126/13/124.1_update01ESXi410-201101201-SG1027919KB348481ESXi4.1ESXiCVE-2012-1515NVDVMSA-2012-0006AdvVMware
ROM Overwrite Privilege EscalationA flaw in the way port-based I/O
is handled allows for modifying Read-Only Memory that belongs to
the Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder8.3AV:A/AC:L/AU:N/C:C/I:C/A:C3/29/126/13/12Not
AffectedESXi5.0ESXiCVE-2012-1515NVDVMSA-2012-0006AdvVMware ROM
Overwrite Privilege EscalationA flaw in the way port-based I/O is
handled allows for modifying Read-Only Memory that belongs to the
Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder3/29/126/13/12ESX350-201203401-SGESX350-201203401-SG2009155KB604481ESX3.5ESXCVE-2012-1515NVDVMSA-2012-0006AdvVMware
ROM Overwrite Privilege EscalationA flaw in the way port-based I/O
is handled allows for modifying Read-Only Memory that belongs to
the Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder8.3AV:A/AC:L/AU:N/C:C/I:C/A:C3/29/126/13/12ESX400-201203001ESX400-201203401-SG2011767KB660575ESX4.0ESXCVE-2012-1515NVDVMSA-2012-0006AdvVMware
ROM Overwrite Privilege EscalationA flaw in the way port-based I/O
is handled allows for modifying Read-Only Memory that belongs to
the Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder8.3AV:A/AC:L/AU:N/C:C/I:C/A:C3/29/126/13/124.1_update01ESX410-201101201-SG1027904KB348481ESX4.1ESXCVE-2012-1515NVDVMSA-2012-0006AdvVMware
ROM Overwrite Privilege EscalationA flaw in the way port-based I/O
is handled allows for modifying Read-Only Memory that belongs to
the Virtual DOS Machine. Exploitation of this issue may lead to
privilege escalation on Guest Operating Systems that run Windows
2000Windows XP 32-bitWindows Server 2003 32-bit or Windows Server
2003 R2 32-bit.NARidgeway Internet SecurityDerek
Soeder8.3AV:A/AC:L/AU:N/C:C/I:C/A:C3/29/126/13/12Not
AffectedvCenter Server4.0WindowsCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
AffectedvCenter Server4.1WindowsCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
AffectedvCenter Server5.0WindowsCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
AffectedESXi3.5ESXiCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
AffectedESXi4.0ESXiCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
AffectedESXi4.1ESXiCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
AffectedESXi5.0ESXiCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
ApplicableESX3.5ESXCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS
kernel.NANANA3/29/126/13/12ESX400-201203001ESX400-201203401-SG2011767KB660575ESX4.0ESXCVE-2011-2482;
CVE-2011-3191; CVE-2011-4348NVDVMSA-2012-0006AdvESX third party
update for Service Console kernelThe ESX Service Console Operating
System (COS) kernel is updated to kernel-400.2.6.18-238.4.11.591731
to fix multiple security issues in the COS
kernel.NANANA3/29/126/13/12ESX410-201204001ESX410-201204401-SG2013057KB659051ESX4.1ESXCVE-2011-2482;
CVE-2011-3191; CVE-2011-4348NVDVMSA-2012-0006AdvESX third party
update for Service Console kernelThe ESX Service Console Operating
System (COS) kernel is updated to kernel-400.2.6.18-238.4.11.591731
to fix multiple security issues in the COS
kernel.NANANA3/29/126/13/12Not AffectedvCenter
Server4.0WindowsCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
AffectedvCenter Server4.1WindowsCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
AffectedvCenter Server5.0WindowsCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
AffectedESXi3.5ESXiCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
AffectedESXi4.0ESXiCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
AffectedESXi4.1ESXiCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
AffectedESXi5.0ESXiCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS kernel.NANANA3/29/126/13/12Not
ApplicableESX3.5ESXCVE-2011-2482; CVE-2011-3191;
CVE-2011-4348NVDVMSA-2012-0006AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple
security issues in the COS
kernel.NANANA3/29/126/13/12ESX400-201203001ESX400-201203407-SG2011767KB660575ESX4.0ESXCVE-2011-2482;
CVE-2011-3191; CVE-2011-4348NVDVMSA-2012-0006AdvESX third party
update for Service Console kernelThe ESX Service Console Operating
System (COS) kernel is updated to kernel-400.2.6.18-238.4.11.591731
to fix multiple security issues in the COS
kernel.NANANA3/29/126/13/12Not ApplicableESX4.1ESXCVE-2011-2482;
CVE-2011-3191; CVE-2011-4348NVDVMSA-2012-0006AdvESX third party
update for Service Console kernelThe ESX Service Console Operating
System (COS) kernel is updated to kernel-400.2.6.18-238.4.11.591731
to fix multiple security issues in the COS
kernel.NANANA3/29/126/13/12Not AffectedvCenter
Server4.0WindowsCVE-2012-1518NVDVMSA-2012-0007AdvVMware Tools
Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy4/12/126/13/12Not AffectedvCenter
Server4.1WindowsCVE-2012-1518NVDVMSA-2012-0007AdvVMware Tools
Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy4/12/126/13/12Not AffectedvCenter
Server5.0WindowsCVE-2012-1518NVDVMSA-2012-0007AdvVMware Tools
Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy4/12/126/13/12Workstation
8.0.28.0.2RNRN591240Workstation8.0anyCVE-2012-1518NVDVMSA-2012-0007AdvVMware
Tools Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy8.3AV:A/AC:L/AU:N/C:C/I:C/A:C4/12/126/13/12Workstation
7.1.67.1.6RNRN744570Workstation7.0anyCVE-2012-1518NVDVMSA-2012-0007AdvVMware
Tools Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy8.3AV:A/AC:L/AU:N/C:C/I:C/A:C4/12/126/13/12Player
4.0.24.0.2RNRN591240Player4.0anyCVE-2012-1518NVDVMSA-2012-0007AdvVMware
Tools Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy8.3AV:A/AC:L/AU:N/C:C/I:C/A:C4/12/126/13/12Player
3.1.63.1.6RNRN744570Player3.0anyCVE-2012-1518NVDVMSA-2012-0007AdvVMware
Tools Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy8.3AV:A/AC:L/AU:N/C:C/I:C/A:C4/12/126/13/12Fusion
4.1.24.1.2RNRN683185Fusion4.0MacCVE-2012-1518NVDVMSA-2012-0007AdvVMware
Tools Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy8.3AV:A/AC:L/AU:N/C:C/I:C/A:C4/12/126/13/12ESXe350-201203401-O-SGESXe350-201203402-T-BG2009161KB604481ESXi3.5ESXiCVE-2012-1518NVDVMSA-2012-0007AdvVMware
Tools Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy8.3AV:A/AC:L/AU:N/C:C/I:C/A:C4/12/126/13/12ESXi400-201203001ESXi400-201203402-BG2011768KB660575ESXi4.0ESXiCVE-2012-1518NVDVMSA-2012-0007AdvVMware
Tools Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy8.3AV:A/AC:L/AU:N/C:C/I:C/A:C4/12/126/13/12ESXi410-201201001ESXi410-201201402-BG2009137KBESXi4.1ESXiCVE-2012-1518NVDVMSA-2012-0007AdvVMware
Tools Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy8.3AV:A/AC:L/AU:N/C:C/I:C/A:C4/12/126/13/125.0_update01ESXi500-201203102-SG2010823KB608089ESXi5.0ESXiCVE-2012-1518NVDVMSA-2012-0007AdvVMware
Tools Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy8.3AV:A/AC:L/AU:N/C:C/I:C/A:C4/12/126/13/12ESX350-201203402-BGESX350-201203402-BG2009156KB604481ESX3.5ESXCVE-2012-1518NVDVMSA-2012-0007AdvVMware
Tools Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy8.3AV:A/AC:L/AU:N/C:C/I:C/A:C4/12/126/13/12ESX400-201203001ESX400-201203401-SG2011767KB660575ESX4.0ESXCVE-2012-1518NVDVMSA-2012-0007AdvVMware
Tools Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy8.3AV:A/AC:L/AU:N/C:C/I:C/A:C4/12/126/13/12ESX410-201201001ESX410-201201401-SG2009080KB582267ESX4.1ESXCVE-2012-1518NVDVMSA-2012-0007AdvVMware
Tools Incorrect Folder Permissions Privilege Escalation.The access
control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation
on Windows-based Guest Operating Systems.NANATavis
Ormandy8.3AV:A/AC:L/AU:N/C:C/I:C/A:C4/12/126/13/12Not
AffectedvCenter Server4.0WindowsCVE-2011-3191; CVE-2011-4348;
CVE-2012-0028NVDVMSA-2012-0008AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated which addresses several security issues in the COS
kernel.NANANA4/26/129/13/12Not AffectedvCenter
Server4.1WindowsCVE-2011-3191; CVE-2011-4348;
CVE-2012-0028NVDVMSA-2012-0008AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated which addresses several security issues in the COS
kernel.NANANA4/26/129/13/12Not AffectedvCenter
Server5.0WindowsCVE-2011-3191; CVE-2011-4348;
CVE-2012-0028NVDVMSA-2012-0008AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated which addresses several security issues in the COS
kernel.NANANA4/26/129/13/12Not AffectedESXi3.5ESXiCVE-2011-3191;
CVE-2011-4348; CVE-2012-0028NVDVMSA-2012-0008AdvESX third party
update for Service Console kernelThe ESX Service Console Operating
System (COS) kernel is updated which addresses several security
issues in the COS kernel.NANANA4/26/129/13/12Not
AffectedESXi4.0ESXiCVE-2011-3191; CVE-2011-4348;
CVE-2012-0028NVDVMSA-2012-0008AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated which addresses several security issues in the COS
kernel.NANANA4/26/129/13/12Not AffectedESXi4.1ESXiCVE-2011-3191;
CVE-2011-4348; CVE-2012-0028NVDVMSA-2012-0008AdvESX third party
update for Service Console kernelThe ESX Service Console Operating
System (COS) kernel is updated which addresses several security
issues in the COS kernel.NANANA4/26/129/13/12Not
AffectedESXi5.0ESXiCVE-2011-3191; CVE-2011-4348;
CVE-2012-0028NVDVMSA-2012-0008AdvESX third party update for Service
Console kernelThe ESX Service Console Operating System (COS) kernel
is updated which addresses several security issues in the COS
kernel.NANANA4/26/129/13/12Not ApplicableESX3.5ESXCVE-2011-3191;
CVE-2011-4348; CVE-2012-0028NVDVMSA-2012-0008AdvESX third party
update for Service Console kernelThe ESX Service Console Operating
System (COS) kernel is updated which addresses several security
issues in the COS
kernel.NANANA4/26/129/13/12ESX400-201209001ESX400-201209401-SG2019661KB787047ESX4.0ESXCVE-2011-3191;
CVE-2011-4348; CVE-2012-0028NVDVMSA-2012-0008AdvESX third party
update for Service Console kernelThe ESX Service Console Operating
System (COS) kernel is updated which addresses several security
issues in the COS
kernel.NANANA4/26/129/13/12ESX410-201204001ESX410-201204401-SG2013057KB659051ESX4.1ESXCVE-2011-3191;
CVE-2011-4348; CVE-2012-0028NVDVMSA-2012-0008AdvESX third party
update for Service Console kernelThe ESX Service Console Operating
System (COS) kernel is updated which addresses several security
issues in the COS kernel.NANANA4/26/129/13/12Not AffectedvCenter
Server4.0WindowsCVE-2010-4008; CVE-2011-0216; CVE-2011-1944;
CVE-2011-2834; CVE-2011-3905;
CVE-2011-3919NVDVMSA-2012-0008AdvUpdated ESX Service Console
package libxml2The ESX Console Operating System (COS) libxml2 rpms
are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2
and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several
security issues.NANANA4/26/129/13/12Not AffectedvCenter
Server4.1WindowsCVE-2010-4008; CVE-2011-0216; CVE-2011-1944;
CVE-2011-2834; CVE-2011-3905;
CVE-2011-3919NVDVMSA-2012-0008AdvUpdated ESX Service Console
package libxml2The ESX Console Operating System (COS) libxml2 rpms
are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2
and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several
security issues.NANANA4/26/129/13/12Not AffectedvCenter
Server5.0WindowsCVE-2010-4008; CVE-2011-0216; CVE-2011-1944;
CVE-2011-2834; CVE-2011-3905;
CVE-2011-3919NVDVMSA-2012-0008AdvUpdated ESX Service Console
package libxml2The ESX Console Operating System (COS) libxml2 rpms
are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2
and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several
security issues.NANANA4/26/129/13/12Not
AffectedESXi3.5ESXiCVE-2010-4008; CVE-2011-0216; CVE-2011-1944;
CVE-2011-2834; CVE-2011-3905;
CVE-2011-3919NVDVMSA-2012-0008AdvUpdated ESX Service Console
package libxml2The ESX Console Operating System (COS) libxml2 rpms
are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2
and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several
security issues.NANANA4/26/129/13/12Not
AffectedESXi4.0ESXiCVE-2010-4008; CVE-2011-0216; CVE-2011-1944;
CVE-2011-2834; CVE-2011-3905;
CVE-2011-3919NVDVMSA-2012-0008AdvUpdated ESX Service Console
package libxml2The ESX Console Operating System (COS) libxml2 rpms
are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2
and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several
security issues.NANANA4/26/129/13/12Not
AffectedESXi4.1ESXiCVE-2010-4008; CVE-2011-0216; CVE-2011-1944;
CVE-2011-2834; CVE-2011-3905;
CVE-2011-3919NVDVMSA-2012-0008AdvUpdated ESX Service Console
package libxml2The ESX Console Operating System (COS) libxml2 rpms
are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2
and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several
security issues.NANANA4/26/129/13/12Not
AffectedESXi5.0ESXiCVE-2010-4008; CVE-2011-0216; CVE-2011-1944;
CVE-2011-2834; CVE-2011-3905;
CVE-2011-3919NVDVMSA-2012-0008AdvUpdated ESX Service Console
package libxml2The ESX Console Operating System (COS) libxml2 rpms
are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2
and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several
security issues.NANANA4/26/129/13/12Not
ApplicableESX3.5ESXCVE-2010-4008; CVE-2011-0216; CVE-2011-1944;
CVE-2011-2834; CVE-2011-3905;
CVE-2011-3919NVDVMSA-2012-0008AdvUpdated ESX Service Console
package libxml2The ESX Console Operating System (COS) libxml2 rpms
are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2
and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several
security
issues.NANANA4/26/129/13/12ESX400-201209001ESX400-201209401-SG2019661KB787047ESX4.0ESXCVE-2010-4008;
CVE-2011-0216; CVE-2011-1944; CVE-2011-2834; CVE-2011-3905;
CVE-2011-3919NVDVMSA-2012-0008AdvUpdated ESX Service Console
package libxml2The ESX Console Operating System (COS) libxml2 rpms
are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2
and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several
security
issues.NANANA4/26/129/13/12ESX410-201204001ESX410-201204402-SG2013057KB659051ESX4.1ESXCVE-2010-4008;
CVE-2011-0216; CVE-2011-1944; CVE-2011-2834; CVE-2011-3905;
CVE-2011-3919NVDVMSA-2012-0008AdvUpdated ESX Service Console
package libxml2The ESX Console Operating System (COS) libxml2 rpms
are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2
and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several
security issues.NANANA4/26/129/13/12Not AffectedvCenter
Server4.0WindowsCVE-2012-1516NVDVMSA-2012-0009AdvVMware host memory
overwrite vulnerability (data pointers)Due to a flaw in the handler
function for RPC commandsit is possible to manipulate data pointers
within the VMX process. This vulnerability may allow a guest user
to crash the VMX process or potentially execute code on the
host.Configure virtual machines to use less than 4 GB of memory.
Virtual machines that have less than 4GB of memory are Not
Affected. OR Disable VIX messages from each guest VM by editing the
configuration file (.vmx) for the virtual machine as described in
VMware Knowledge Base article 1714. Add the following line:
isolation.tools.vixMessage.disable = TRUE Note: This workaround is
not valid for Workstation 7.x and Fusion 3.x.Mitigation Do not
allow untrusted users access to your virtual machines. Root or
Administrator level permissions are not required to exploit this
issue.Ridgeway Internet Security,Derek Soeder5/3/126/13/12Not
AffectedvCenter
Server4.1WindowsCVE-2012-1516NVDVMSA-2012-0009AdvVMware host memory
overwrite vulnerability (data pointers)Due to a flaw in the handler
function for RPC commandsit is possible to manipulate data pointers
within the VMX process. This vulnerability may allow a guest user
to crash the VMX process or potentially execute code on the
host.Configure virtual machines to use less than 4 GB of memory.
Virtual machines that have less than 4GB of memory are Not
Affected. OR Disable VIX messages from each guest VM by editing the
configuration file (.vmx) for the virtual machine as described in
VMware Knowledge Base article 1714. Add the following line:
isolation.tools.vixMessage.disable = TRUE Note: This workaround is
not valid for Workstation 7.x and Fusion 3.x.Mitigation Do not
allow untrusted users access to your virtual machines. Root or
Administrator level permissions are not required to exploit this
issue.Ridgeway Internet Security,Derek Soeder5/3/126/13/12Not
AffectedvCenter
Server5.0WindowsCVE-2012-1516NVDVMSA-2012-0009AdvVMware host memory
overwrite vulnerability (data pointers)Due to a flaw in the handler
function for RPC commandsit is possible to manipulate data pointers
within the VMX process. This vulnerability may allow a guest user
to crash the VMX process or potentially execute code on the
host.Configure virtual machines to use less than 4 GB of memory.
Virtual machines that have less than 4GB of memory are Not
Affected. OR Disable VIX messages from each guest VM by editing the
configuration file (.vmx) for the virtual machine as described in
VMware Knowledge Base article 1714. Add the following line:
isolation.tools.vixMessage.disable = TRUE Note: This workaround is
not valid for Workstation 7.x and Fusion 3.x.Mitigation Do not
allow untrusted users access to your virtual machines. Root or
Administrator level permissions are not required to exploit this
issue.Ridgeway Internet Security,Derek Soeder5/3/126/13/12Not
AffectedWorkstation8.0anyCVE-2012-1516NVDVMSA-2012-0009AdvVMware
host memory overwrite vulnerability (data pointers)Due to a flaw in
the handler function for RPC commandsit is possible to manipulate
data pointers with