VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security issues

description-logoDescription

VMware ESXi and ESX contain a NULL pointer dereference in the handling of the Network File Copy (NFC) traffic. To exploit this vulnerability, an attacker must intercept and modify the NFC traffic between ESXi/ESX and the client. Exploitation of the issue may lead to a Denial of Service. To reduce the likelihood of exploitation, vSphere components should be deployed on an isolated management network. VMware would like to thank Alex Chapman of Context Information Security for reporting this issue to us.

affected-products-logoAffected Applications

VMware Fusion

CVE References

CVE-2014-1207