VMware Fusion CVE-2013-3519 Weak Authentication Vulnerability

description-logoDescription

VMware ESX, Workstation and Fusion contain a vulnerability in the handling of control code in lgtosync. A local malicious user may exploit this vulnerability to manipulate the memory allocation. This could result in a privilege escalation on 32-bit Guest Operating Systems running Windows 2000 Server, Windows XP or Windows 2003 Server on ESXi and ESX; or Windows XP on Workstation and Fusion. The vulnerability does not allow for privilege escalation from the Guest Operating System to the host.

affected-products-logoAffected Applications

VMware Fusion

CVE References

CVE-2013-3519