VMware.IntraProcessLogging.dll.File.Overwrite
Description
The ActiveX control in IntraProcessLogging.dll in VMware has an arbitrary file overwrite vulnerability. A remote attacker could create or overwrite arbitrary files via the argument to the SetLogFileName method.
Affected Products
IntraProcessLogging.dll 5.5.3.42958 in VMware.
Impact
File Manipulation.
Recommended Actions
Currently we are not aware of any official supplied fix for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |