Vigil@nce - VMware: memory corruption via Checkpoint
June 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker, who is allowed to load a Checkpoint file, can corrupt
the memory of VMware products, in order to execute code on the
host system.
Severity: 2/4
Creation date: 14/06/2012
IMPACTED PRODUCTS
– VMware ESX
– VMware ESXi
– VMware Player
– VMware vSphere Hypervisor
– VMware Workstation
DESCRIPTION OF THE VULNERABILITY
A Checkpoint file can be used to memorize the current state of a
virtual machine.
An attacker, who is allowed to load a Checkpoint file, can corrupt
the memory of VMware products, in order to execute code on the
host system.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/VMware-memory-corruption-via-Checkpoint-11706