Package: vmware-package Severity: grave Tags: security Justification: user security hole
Hi The following CVE[0] has been issued against vmware products. CVE-2008-2098: Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used, allows guest OS users to execute arbitrary code on the host OS via unspecified vectors. The vmware security announcement can be found here[1]. Please mention the CVE id in your changelog, if you upload a fix for this issue. Cheers Steffen [0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2098 [1]: http://www.vmware.com/security/advisories/VMSA-2008-0008.html _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
