CSIRT Panam\u00e1 Aviso 2017-04 \u2013 VMware libera actualizaci\u00f3n de seguridad para Unified Access Gateway, Horizonte View y Workstation.
\nGravedad: Cr\u00edtica
\nFecha de publicaci\u00f3n: 24 abril 2017
\nFecha de modificaci\u00f3n: 24 abril 2017
\n\u00daltima revisi\u00f3n: Revisi\u00f3n A.
\nFuente: www.vmware.com\/security\/advisories\/VMSA-2017-0008.html<\/p>\n
Sistemas Afectados
\na. VMware Unified Access Gateway
\nb. Horizonte View
\nc. Workstation Updates <\/p>\n
I. Descripci\u00f3n
\nVMware ha liberado actualizaciones de seguridad para solucionar vulnerabilidades de desbordamiento de b\u00fafer en JEPG2000 y fuentes TrueType (TTF) analizadores en la TPView.dll o el permitir a un atacante a ejecutar c\u00f3digo arbitrario.<\/p>\n
II. Impacto
\nComplejidad de Acceso: Media.
\nAutenticaci\u00f3n: No requerida para explotarla.
\nTipo de impacto: Compromiso total del sistema.<\/p>\n
III. Referencia a soluciones, herramientas e informaci\u00f3n
\na. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-4907
\nb. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-4908
\nc. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-4909
\nd. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-4910
\ne. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-4911
\nf. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-4912
\ng. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-4913<\/p>\n
IV. Informaci\u00f3n de contacto
\nCSIRT PANAMA
\nAutoridad Nacional para la Innovaci\u00f3n Gubernamental
\nE-Mail: info@cert.pa
\nWeb: http:\/\/www.cert.pa<\/p>\n","protected":false},"excerpt":{"rendered":"
CSIRT Panam\u00e1 Aviso 2017-04 \u2013 VMware libera actualizaci\u00f3n de seguridad para Unified Access Gateway, Horizonte View y Workstation. Gravedad: Cr\u00edtica Fecha de publicaci\u00f3n: 24 abril 2017 Fecha de modificaci\u00f3n: 24 abril 2017 \u00daltima revisi\u00f3n: Revisi\u00f3n…<\/p>\n","protected":false},"author":4,"featured_media":967,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[],"class_list":["post-964","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/964","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=964"}],"version-history":[{"count":3,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/964\/revisions"}],"predecessor-version":[{"id":969,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/964\/revisions\/969"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/967"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=964"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=964"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=964"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}