VMware Fusion 4.x < 4.1.3 (VMSA-2012-0009, VMSA-2012-0011)

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote host has a virtualization application that is affected by
multiple vulnerabilities.

Description :

The version of VMware Fusion 4.x installed on the Mac OS X host is
earlier than 4.1.3, and is therefore reportedly affected by the
following vulnerabilities :

- Due to a flaw in the virtual floppy configuration it is
possible to perform an out-of-bounds memory write. This
vulnerability may allow a guest user to crash the VMX
process or potentially execute code on the host. As a
workaround, remove the virtual floppy drive from the
list of virtual IO devices. The VMware hardening guides
recommend removing unused virtual IO devices in general.
Additionally, do not allow untrusted root users in your
virtual machines. Root or Administrator level
permissions are required to exploit this issue.
(CVE-2012-2449)

- A memory corruption error exists related to the
handling of 'Checkpoint' files that can allow arbitrary
code execution. (CVE-2012-3288)

See also :

http://www.vmware.com/security/advisories/VMSA-2012-0009.html
http://www.vmware.com/security/advisories/VMSA-2012-0011.html
http://www.nessus.org/u?fb5b232d

Solution :

Upgrade to VMware Fusion 4.1.3 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: MacOS X Local Security Checks

Nessus Plugin ID: 59818 ()

Bugtraq ID: 53996

CVE ID: CVE-2012-2449
CVE-2012-3288