1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: VMware OVF Tool CVE-2012-3569

Attack: VMware OVF Tool CVE-2012-3569

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in VMware OVF Tool which may cause arbitrary code execution.

Additional Information

VMware OVF Tool is a command-line utility that allows to import and export of OVF packages to and from a wide variety of VMware platform products.

VMware OVF Tool is prone to a format-string vulnerability when parsing OVF files. An attacker can exploit this issue by enticing an unsuspecting user to open a specially-crafted OVF file.

Remote attackers can exploit this issue to execute arbitrary code or cause denial-of-service conditions.

Affected

  • OVF Tool 2.1 is are vulnerable; other versions may also be affected.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube