VMware has released security advisory VMSA-2011-0009 to address multiple vulnerabilities in the following products:
* VMware Workstation 7.1.3 and earlier
* VMware Player 3.1.3 and earlier
* VMware Fusion 3.1.2 and earlier
* ESXi 4.1 without patch ESXi410-201104402-BG
* ESXi 4.0 without patch ESXi400-201104402-BG
* ESXi 3.5 without patches ESXe350-201105401-I-SG and
ESXe350-201105402-T-SG
* ESX 4.1 without patch ESX410-201104401-SG
* ESX 4.0 without patch ESX400-201104401-SG
* ESX 3.5 without patches ESX350-201105401-SG, ESX350-201105404-SG,
and ESX350-201105406-SG
Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, bypass security mechanisms, operate with elevated privileges, or obtain sensitive information.
The Vulnerability Team adviced to users and administrators to review and apply the updates notifications necessary to help mitigate the risks.
source: us-cert.gov.com
