Hottest Free Downloads - DownloadPipe.com Over 197,000 downloads! Bookmark Now!
DownloadPipe.com - New Downloads Every Minute
 SEARCH:
FAQFAQ    SearchSearch      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

Bug#484491: CVE-2008-2098: buffer overflow allows arbitrar..

  
   Linux (Home) -> Bugs RC RSS
Next:  Bug#482159:  
Author Message
Steffen Joeris

External


Since: Aug 17, 2005
Posts: 334



(Msg. 1) Posted: Wed Jun 04, 2008 1:40 pm
Post subject: Bug#484491: CVE-2008-2098: buffer overflow allows arbitrary code execution
Archived from groups: linux>debian>bugs>rc (more info?)
Package: vmware-package
Severity: grave
Tags: security
Justification: user security hole

Hi

The following CVE[0] has been issued against vmware products.

CVE-2008-2098:

Heap-based buffer overflow in the VMware Host Guest File System (HGFS)
in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before
2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware
Fusion before 1.1.2 build 87978, when folder sharing is used, allows
guest OS users to execute arbitrary code on the host OS via unspecified
vectors.


The vmware security announcement can be found here[1].

Please mention the CVE id in your changelog, if you upload a fix for
this issue.


Cheers
Steffen

[0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2098

[1]: http://www.vmware.com/security/advisories/VMSA-2008-0008.html



--
To UNSUBSCRIBE, email to debian-bugs-rc-REQUEST.DeleteThis@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster.DeleteThis@lists.debian.org
Back to top
Login to vote
Display posts from previous:   
Related Topics:
Bug#400777: GnuPG 1.4 and 2.0 buffer overflow - Package: gnupg2 Version: 2.0.0-5 Severity: grave Tags: security Justification: user security hole A vulnerability has been reported in GnuPG 2. See http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html for details. -- To UNSUBSCRIBE...

Bug#459314: libcdio: stack-based buffer overflow in iso966.. - Package: libcdio Severity: grave Tags: security patch Justification: user security hole Hi, during some reading in libcdio I found a bug in the iso9660_dir_to_name function. 855 char * 856 iso9660_dir_to_name (const iso9660_dir_t *iso9660_dir) 857 {..

Bug#446354: dhcp: stack-based buffer overflow (CVE-2007-53.. - Package: dhcp Severity: grave Tags: security Justification: user security hole Hi The following CVE[0] has been issued against dhcp. CVE-2007-5365: Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through....

Bug#499771: webkit: several vulnerabilities (CVE-2008-3950.. - Package: webkit Severity: grave Tags: security, patch Justification: user security hole Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for webkit. CVE-2008-3950[0]: | Off-by-one error in the |..

Bug#395080: Asterisk Cisco SCCP "chan_skinny" Integer Over.. - Package: asterisk Severity: grave Tags: security A heap-based buffer overflow vulnerability has been found in the skinny module of asterisk. It is fixed in 1.2.13 and 1.0.12 See ..
       Linux (Home) -> Bugs RC All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Categories:
 Windows Forums
 Game Forums
  Linux Forums
 Mac Forums
 PDA Forums
 Mobile Forums
  Top  |  Store  |  RSS Feeds RSS  |  Data Feeds  |  Advertise  |  Submit  |  Bookmark  |  Newsletter  |  Contact