VMware.Vielib.DLL.ActiveX.Control.Remote.Code.Execution
Description
This indicates an attack attempt to exploit a remote Code Execution vulnerability in VMware.
The vulnerability, which is located in the "vielib.dll" ActiveX control, can be exploited through misuse of the "CreateProcess" method. It may allow remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control.
Affected Products
VMWare Workstation 6.0
VMWare Workstation 5.5.4
VMWare Workstation 5.5
VMWare Server 1.0.3
VMWare Player 2.0
VMWare Player 1.0.4
VMWare ACE 2.0
VMWare ACE 1.0.3
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the latest update from the vendor.
VMWare Workstation 6.x
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
VMWare Workstation 5.5.x
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
VMWare Server
http://www.vmware.com/support/server/doc/releasenotes_server.html
VMWare Player 2.x
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
VMWare Player 1.x
http://www.vmware.com/support/player/doc/releasenotes_player.html
VMWare ACE 2.x
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
VMWare ACE 1.x
http://www.vmware.com/support/ace/doc/releasenotes_ace.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |