×

Help Tweakers weer winnen!

Tweakers is dit jaar weer genomineerd voor beste nieuwssite, beste prijsvergelijker en beste community! Laten we ervoor zorgen dat heel Nederland weet dat Tweakers de beste website is. Stem op Tweakers en maak kans op mooie prijzen!

Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Software-update: Vmware Player 2.0.5 build 109488

Door , 2 reacties, bron: Vmware

02-09-2008 • 13:04

2 Linkedin Google+

Bron: Vmware

Vmware heeft enkele dagen geleden een nieuwe versie van Vmware Player vrijgegeven met versienummer 2.0.5 build 109488. Hiermee kunnen virtual machines die gemaakt zijn met Vmware Workstation, Server of ESX Server, worden uitgevoerd. Ook worden virtual machines van VirtualPC en Symantec LiveState Recovery-disks ondersteund. Daarnaast kunnen verschillende voorge´nstalleerde, virtuele machine's via deze pagina worden binnen gehaald, zoals Fedora 9, Ubuntu 8.04 en OpenSUSE 11.0. De meegeleverde aankondiging ziet er als volgt uit:

VMware Player 2.0.5

Player 2.0.5 addresses the following security issues:
  • Setting ActiveX killbit
    Starting from this release, VMware has set the killbit on its ActiveX controls. Setting the killbit ensures that ActiveX controls cannot run in Internet Explorer (IE), and avoids security issues involving ActiveX controls in IE. See the KB article 240797 available from Microsoft and the related references on this topic. Security vulnerabilities have been reported for ActiveX controls provided by VMware when run in IE. Under specific circumstances, exploitation of these ActiveX controls might result in denial-of-service or allow running of arbitrary code when the user browses a malicious Web site or opens a malicious file in IE browser. An attempt to run unsafe ActiveX controls in Internet Explorer might result in pop-up windows warning the user. Note: IE can be configured to run unsafe ActiveX controls without prompting. VMware recommends that you retain the default settings in IE, which prompts when unsafe actions are requested. Earlier, VMware had issued knowledge base articles, KB 5965318 and KB 9078920 on security issues with ActiveX controls. To avoid malicious scripts that exploit ActiveX controls, do not enable unsafe ActiveX objects in your browser settings. As a best practice, do not browse untrusted Web sites as an administrator and do not click OK or Yes if prompted by IE to allow certain actions. The Common Vulnerabilities and Exposures has assigned the names CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, CVE-2007-5438, and CVE-2008-3696 to the security issues with VMware ActiveX controls.
  • Update to FreeType
    FreeType 2.3.6 resolves an integer overflow vulnerability and other vulnerabilities that can allow malicious users to run arbitrary code or might cause a denial-of-service after reading a maliciously crafted file. This release updates FreeType to its latest version 2.3.7. The Common Vulnerabilities and Exposures has assigned the names CVE-2008-1806, CVE-2008-1807, and CVE-2008-1808 to the issues resolved in FreeType 2.3.6.
  • Update to Cairo
    Cairo 1.4.12 resolves an integer overflow vulnerability that can allow malicious users to run arbitrary code or might cause a denial-of-service after reading a maliciously crafted PNG file. This release updates Cairo to its latest version 1.4.14. The Common Vulnerabilities and Exposures has assigned the name CVE-2007-5503 to the issue resolved in Cairo 1.4.12.
VMware Player 2.0.4

Player 2.0.4 addresses the following security issues:
  • On Windows hosts, if VMCI is enabled, a guest can run arbitrary code in the context of the vmx process on the host. This is a compiler-dependent vulnerability. The Common Vulnerabilities and Exposures assigned the CVE number CVE-2008-2099 to this issue.
  • A security vulnerability related to the host-guest file system (HGFS) might cause a buffer overflow. The Common Vulnerabilities and Exposures assigned the CVE number CVE-2008-2098 to this issue.
Versienummer 2.0.5 build 109488
Releasestatus Final
Besturingssystemen Windows 2000, Windows XP, Linux x86, Windows Server 2003, Windows XP x64, Windows Server 2003 x64, Linux AMD64, Windows Vista, Windows Vista x64
Website Vmware
Download http://www.vmware.com/download/player
Licentietype Freeware

Reacties (2)

Wijzig sortering
Op deze pagina staan de directe links, zodat je niet de gegevens hoeft in te vullen.

[Reactie gewijzigd door Amito op 2 september 2008 14:21]

Op dit item kan niet meer gereageerd worden.


Apple iPhone X Google Pixel 2 XL LG W7 Samsung Galaxy S8 Google Pixel 2 Sony Bravia A1 OLED Microsoft Xbox One X Apple iPhone 8

© 1998 - 2017 de Persgroep Online Services B.V. Tweakers vormt samen met o.a. Autotrack en Hardware.Info de Persgroep Online Services B.V. Hosting door True

*