Numerous vulnerabilities in VMware productsNovember 24, 2009 – 5:49 AM
VMware has advised of a total of 93 vulnerabilities in several of its products, including ESX Server, Server, VirtualCenter and vCenter. Most of the vulnerabilities are in Java, Tomcat and the kernel and have been known for some time. Some of them can be exploited to compromise a system, however, the advisory notes that flaws in the Service Console kernel and JRE can only be exploited when an attacker has access to the Service Console network.
Currently, updates have only been released for some of the affected products, such as ESX 4.0 and vCenter 4.0. According to VMware, security updates for the other products are pending completion.