Reference: CERT-EU Security Advisory 2013-0097

Title: VMware Products Increased privileges - Existing account [1]

Version history:
06.12.2013 Initial publication

Summary
=======

VMware Workstation, Fusion, ESXi and ESX patches address a vulnerability in
the LGTOSYNC.SYS driver which could result in a privilege escalation on older
Windows-based Guest Operating Systems.

CVE number: CVE-2013-3519

CVSS v2 Base Score: 6.9 (MEDIUM) (AV:L/AC:M/Au:N/C:C/I:C/A:C) [2]

Vulnerable systems
==================

VMware Workstation 9.x prior to version 9.0.3
VMware Player 5.x prior to version 5.0.3
VMware Fusion 5.x prior to version 5.0.4
VMware ESXi 5.1 without patch ESXi510-201304102
VMware ESXi 5.0 without patch ESXi500-201303102
VMware ESXi 4.1 without patch ESXi410-201301402
VMware ESXi 4.0 without patch ESXi400-201305401
VMware ESX 4.1 without patch ESX410-201301401
VMware ESX 4.0 without patch ESX400-201305401

Original Details [1]
================

VMware ESX, Workstation and Fusion contain a vulnerability in the handling of
control code in lgtosync.sys. A local malicious user may exploit this
vulnerability to manipulate the memory allocation. This could result in a
privilege escalation on 32-bit Guest Operating Systems running Windows 2000
Server, Windows XP or Windows 2003 Server on ESXi and ESX; or Windows XP on
Workstation and Fusion.

What can you do?
================

Download the patch for your version. [3]
If there is no patch for your version of the product, it may be necessary to
upgrade to a higher version.

What to tell your users?
========================

N/A

More information
================

[1] http://www.vmware.com/security/advisories/VMSA-2013-0014.html
[2] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3519
[3] https://www.vmware.com/go/downloadworkstation
    https://www.vmware.com/go/downloadplayer
    https://www.vmware.com/go/downloadfusion
    https://my.vmware.com/web/vmware/downloads

Best regards,

CERT-EU Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383
FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383
Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html