By Kelly Jackson Higgins
Immunity´s VM "breakout" exploit follows that of Core Security Technologies´ VMware Shared Folders exploit in its Impact penetration testing tool announced last year. The module "weaponized" a vulnerability discovered by Core that lets an attacker create or alter executable files on the Windows host OS. For the attack to work, VMware´s Shared Folders feature must be enabled and at least one folder on the underlying host system must be configured to share files with the VM.
Source: Dark Reading