Multiple vulnerabilities in VMware products
VMware has advised of a number of vulnerabilities in several of its products, including ESX, Server, VirtualCenter and vCenter. According to the company, a number of the issues relate to problems in the Java Runtime Environment (JRE) and several of the 47 vulnerabilities can be used by an attacker to compromise a system.
VMware vCenter 4.0, VMware Server 2.0, VMware ESX 4.0, 3.5 and 3.0.3, VirtualCenter 2.5 and 2.0.2 and VMware VMA 4.0 are all affected. An update for VirtualCenter 2.5 has been released. Security updates for the other products are still pending completion.
See also:
- VMware vCenter update release addresses multiple security issues in Java JRE, security advisory from VMware.
(crve)