VMware patches arbitrary code execution flaw in desktop, server virtualization products

Virtualization software vendor VMware has released security patches for its Workstation, Player, Fusion, ESXi and ESX products in order to address two vulnerabilities that could allow attackers to compromise the host system or crash a virtual machine. The more serious vulnerability is identified as CVE-2012-3288 and stems from an improper validation of input data when loading virtual machine checkpoint files, VMware said in a security advisory Thursday.

Source: http://www.infoworld.com/d/security/vmware-patches-arbitrary-code-execution-flaw-in-desktop-server-virtualization-products-195700

SPSS SPANSION SONUS NETWORKS SONIC AUTOMOTIVE SKYWORKS SOLUTIONS