Directory Traversal Vulnerability in VMware Studio by VMware
CVE-2009-2968

Currently unrated

Key Information:

Vendor: Vmware
Status: Studio
Vendor: CVE Published:; 2 September 2009

Summary

A directory traversal vulnerability exists in VMware Studio 2.0 public beta, which permits unauthorized remote attackers to upload files to any directory on the server. This flaw results from inadequate input validation in the web interface support component, allowing attackers to exploit unspecified vectors to manipulate file paths. By exploiting this vulnerability, an attacker could potentially gain access to sensitive files or images on the server, posing serious security risks. It is crucial for users to implement the latest security updates to mitigate any potential threats.

References

http://www.vmware.com/support/developer/studio/studio20/r...

x_refsource_CONFIRM

http://lists.vmware.com/pipermail/security-announce/2009/...

mailing-listx_refsource_MLIST

http://www.securityfocus.com/archive/1/506191/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Sep 2, 2009
Vulnerability Reserved
Aug 26, 2009