VMware Player Multiple Vulnerabilities (VMSA-2012-0011)

This script is Copyright (C) 2012 Tenable Network Security, Inc.

Synopsis :

The remote host has a virtualization application that is affected
by multiple vulnerabilities.

Description :

The VMware Player install detected on the remote host is 3.x earlier
than 3.1.6, or 4.0.x, earlier than 4.0.4 and is, therefore, potentially
affected by the following vulnerabilities :

- A memory corruption error exists related to the
handling of 'Checkpoint' files that can allow arbitrary
code execution. (CVE-2012-3288)

- An error exists related to handling traffic from
remote physical devices, e.g. CD-ROM or mouse that
can cause the virtual machine to crash. Note that this
issue affects only the 4.x branch. (CVE-2012-3289)

See also :


Solution :

Upgrade to VMware Player 3.1.6 / 4.0.4 or later.

Risk factor :

High / CVSS Base Score : 9.0
CVSS Temporal Score : 6.7
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 59729 ()

Bugtraq ID: 53996

CVE ID: CVE-2012-3288

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now