Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
VMCI/HGFS VmWare Code Execution Vulnerability (Linux)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The host is installed with VMWare product(s) that are vulnerable to arbitrary code execution vulnerability.
Insight
Insight
VMware Host Guest File System (HGFS) shared folders feature allows users to transfer data between a guest operating system and the host operating system. A heap buffer overflow exists in VMware HGFS which allows guest system to execute code in the context of vmx process on the host. The issue exists only when VMWare system has shared folder enabled. Successful exploitation requires that the vix.inGuest.enable configuration value is enabled
Affected Software
Affected Software
VMware Player 2.0.x - 2.0.3 on Linux VMware Workstation 6.0.x - 6.0.3 on Linux
Solution
Solution
Upgrade VMware to: VMware Workstation 6.0.4 or later VMware Player 2.0.4 or later.