VMware Hosted products and ESX and ESXi patches resolve security issues


a) VMware Descheduled Time Accounting driver vulnerability may cause a
denial of service in Windows based virtual machines.
b) Updated libpng package for the ESX 2.5.5 Service Console. A buffer
overflow in the 2.5.5 could lead to arbitrary code execution.

Relevant releases

VMware Workstation 6.5.1 and earlier,
VMware Player 2.5.1 and earlier,
VMware ACE 2.5.1 and earlier,
VMware Server 2.0,
VMware Server 1.0.8 and earlier,
VMware Fusion 2.0.1 and earlier.
VMware ESXi 3.5 without patch ESXe350-200904402-T-BG
VMware ESX 3.5 without patch ESX350-200904401-BG
VMware ESX 3.0.3 without patch ESX303-200905401-SG
VMware ESX 3.0.2 without patch ESX-1008420
VMware ESX 2.5.5 without update patch 13

It is recommended that you apply the VMware supplied patches if these
vulnerabilities affect you.