fkie_nvd - fkie_cve-2011-3868

fkie_cve-2011-3868

Vulnerability from fkie_nvd

Published

2011-10-07 20:55

Modified

2025-04-11 00:51

Severity ?

Summary

Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.

References

URL	Tags
cve@mitre.org	http://osvdb.org/76060
cve@mitre.org	http://secunia.com/advisories/46241
cve@mitre.org	http://security.gentoo.org/glsa/glsa-201209-25.xml
cve@mitre.org	http://www.securityfocus.com/archive/1/520005/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/49942
cve@mitre.org	http://www.securitytracker.com/id?1026139
cve@mitre.org	http://www.vmware.com/security/advisories/VMSA-2011-0011.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/76060
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46241
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201209-25.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/520005/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/49942
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1026139
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2011-0011.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
vmware	workstation	7.0
vmware	workstation	7.0.1
vmware	workstation	7.1
vmware	workstation	7.1.1
vmware	workstation	7.1.2
vmware	workstation	7.1.3
vmware	workstation	7.1.4
vmware	player	3.0
vmware	player	3.0.1
vmware	player	3.1
vmware	player	3.1.1
vmware	player	3.1.2
vmware	player	3.1.3
vmware	player	3.1.4
vmware	fusion	3.1
vmware	fusion	3.1.1
vmware	fusion	3.1.2
vmware	ams	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF53DB66-4C79-47BB-AABD-6DCE2EF98E1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2818FD22-8BC5-4803-8D62-D7C7C22556F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:7.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C8C76F3-05B5-43EA-AE70-A026AC6001DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F747AC1-E163-41A4-BAC7-FDF46F4057D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A115959-9CDA-45ED-9002-BA1A31074E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C158CD97-41BA-4422-9A55-B1A8650A0900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "477D5F22-7DDD-461D-9CD1-2B2A968F6CB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C174C452-7249-4B26-9F26-DFE9B3476874",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAA72ED8-3229-4220-BE75-712CA6E21062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E06DA2-CB18-45E6-9F88-B3B6E0507816",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "051D820C-E5F4-4DA2-8914-5A33FCFF2D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69FFA61C-2258-4006-AECA-D324F5700990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "50D2840A-5AF2-4AC4-9243-07CE93E9E9B1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:ams:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD09C110-3A8B-41F1-B113-854A914DB263",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de bufer en VMware Workstation 7.x anterior a v7.1.5, VMware Player v3.x anterior a v3.1.5, VMware Fusion v3.1.x anterior v3.1.3, y VMware AMS permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un systema de ficheros manipulado UDF en una imagen ISO"
    }
  ],
  "id": "CVE-2011-3868",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-10-07T20:55:01.253",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/76060"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/46241"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/520005/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/49942"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1026139"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/76060"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/46241"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/520005/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/49942"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1026139"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0011.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2011-3868 (GCVE-0-2011-3868)

Vulnerability from cvelistv5

Published

2011-10-07 20:00