VMware ships patches for 'highly critical' server flaws

In all, the patch batch addresses at least 16 documented vulnerabilities affecting the VMware Workstation, VMware Player, VMware ACE, VMware Server and VMware ESX server.

The flaws put users at risk of arbitrary code execution, information disclosure, privilege escalation and denial of service attacks.

Secunia has tagged the VMWare Server update as "highly critical" and provides the following breakdown of 8 security issues:

• Various vulnerabilities are caused due to unspecified errors within certain ActiveX controls. These can be exploited to e.g. execute arbitrary code by tricking a user into visiting a malicious website.
• An unspecified error when processing malformed requests exists within the ISAPI Extension. This can be exploited to cause a DoS by sending specially crafted requests to a vulnerable system.

[ SEE: VMware blames stray code for ‘time bomb’ hiccup ]

• An unspecified error related to "OpenProcess" can be exploited by malicious, local users on a host system to gain escalated privileges on the host system.
• Some vulnerabilities in freetype can potentially be exploited by malicious people to compromise an application using the library.

A separate advisory, rated "moderately critical," spells out four more issues in the VMware ESX Server:

• An error in libpng can be exploited by malicious people to cause a DoS (Denial of Service).
• Some vulnerabilities in freetype potentially can be exploited by malicious people to compromise an application using the library.

Some of the ESX Server vulnerabilities are not yet patched.  Secunia recommends that users not process untrusted fonts or PNG images.