Vulnerabilites related to vmware - workstation_pro
Vulnerability from fkie_nvd
Published
2016-12-29 09:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation_player | 12.0.0 | |
| vmware | workstation_player | 12.0.1 | |
| vmware | workstation_player | 12.1.0 | |
| vmware | workstation_player | 12.1.1 | |
| vmware | workstation_pro | 12.0.0 | |
| vmware | workstation_pro | 12.0.1 | |
| vmware | workstation_pro | 12.1.0 | |
| vmware | workstation_pro | 12.1.1 | |
| microsoft | windows | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8ABE47D4-506C-4132-829B-19A61ED35F4A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "67CDB0AC-25B6-4397-9784-386C81C37352", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C48608C8-B7A6-47DD-8C78-44EB2B0D6C0C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1787E49C-19A5-428D-9BEA-5500B3DD60F8", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E3E8337D-BC36-4910-A998-309D277D008C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0E91FE31-B442-4EE3-A415-D635A5CCA6C2", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C67B92FB-CE89-479D-97DF-237C77BF307B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F44F5FBF-DD1D-41F8-A1EC-9720DBC89008", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.", }, { lang: "es", value: "Múltiples desbordamientos de búfer basados en memoria dinámica en VMware Workstation Pro 12.x en versiones anteriores a 12.5.0 y VMware Workstation Player 12.x en versiones anteriores a 12.5.0 en Windows, cuando la impresión virtual Cortado ThinPrint está habilitada, permiten a usuarios invitados del SO ejecutar código arbitrario en el SO anfitrión a través de vectores no especificados.", }, ], id: "CVE-2016-7081", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.1, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-12-29T09:59:00.337", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92935", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1036805", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92935", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036805", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-12-29 09:59
Modified
2025-04-12 10:46
Severity ?
Summary
VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via TrueType fonts embedded in EMFSPOOL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation_player | 12.0.0 | |
| vmware | workstation_player | 12.0.1 | |
| vmware | workstation_player | 12.1.0 | |
| vmware | workstation_player | 12.1.1 | |
| vmware | workstation_pro | 12.0.0 | |
| vmware | workstation_pro | 12.0.1 | |
| vmware | workstation_pro | 12.1.0 | |
| vmware | workstation_pro | 12.1.1 | |
| microsoft | windows | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8ABE47D4-506C-4132-829B-19A61ED35F4A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "67CDB0AC-25B6-4397-9784-386C81C37352", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C48608C8-B7A6-47DD-8C78-44EB2B0D6C0C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1787E49C-19A5-428D-9BEA-5500B3DD60F8", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E3E8337D-BC36-4910-A998-309D277D008C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0E91FE31-B442-4EE3-A415-D635A5CCA6C2", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C67B92FB-CE89-479D-97DF-237C77BF307B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F44F5FBF-DD1D-41F8-A1EC-9720DBC89008", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via TrueType fonts embedded in EMFSPOOL.", }, { lang: "es", value: "VMware Workstation Pro 12.x en versiones anteriores a 12.5.0 y VMware Workstation Player 12.x en versiones anteriores a 12.5.0 en Windows, cuando la impresión virtual Cortado ThinPrint está habilitada, permiten a usuarios invitados del SO ejecutar código arbitrario en el SO anfitrión o provocar una denegación de servicio (corrupción de memoria del SO anfitrión) a través de fuentes TrueType embebidas en EMFSPOOL.", }, ], id: "CVE-2016-7083", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 5.9, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 8.5, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.1, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-12-29T09:59:00.397", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92934", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1036805", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { source: "cve@mitre.org", url: "https://www.exploit-db.com/exploits/40398/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92934", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036805", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/40398/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-16 17:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | horizon_client | * | |
| vmware | workstation_player | * | |
| vmware | workstation_pro | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:horizon_client:*:*:*:*:*:windows:*:*", matchCriteriaId: "6601BC5A-C99B-4B9A-A112-C4382C04171C", versionEndExcluding: "5.4.4", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*", matchCriteriaId: "D5C1D4AB-9A63-4660-B07A-5A78B3D16962", versionEndExcluding: "16.0.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "14D38E88-C39B-4DB7-91E6-3EBE20ED27FC", versionEndExcluding: "16.0.0", versionStartIncluding: "15.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.", }, { lang: "es", value: "VMware Workstation (versión 15.x) y Horizon Client para Windows (versión 5.x anteriores a 5.4.4), contienen una vulnerabilidad de lectura fuera de límites en el componente Cortado ThinPrint (Analizador EMF). Un actor malicioso con acceso normal a una máquina virtual puede explotar estos problemas para crear una condición de denegación de servicio parcial o para filtrar la memoria del proceso TPView que se ejecuta en el sistema donde está instalado Workstation o Horizon Client para Windows", }, ], id: "CVE-2020-3986", lastModified: "2024-11-21T05:32:06.920", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.6, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-16T17:15:13.890", references: [ { source: "security@vmware.com", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-06-07 18:29
Modified
2024-11-21 03:26
Severity ?
Summary
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. This issue may lead to an information leak.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://www.securityfocus.com/bid/97164 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1038148 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1038149 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.vmware.com/security/advisories/VMSA-2017-0006.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97164 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038148 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038149 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2017-0006.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | fusion | * | |
| vmware | fusion_pro | * | |
| apple | mac_os_x | - | |
| vmware | workstation_player | * | |
| vmware | workstation_pro | * | |
| vmware | esxi | 5.5 | |
| vmware | esxi | 5.5 | |
| vmware | esxi | 5.5 | |
| vmware | esxi | 5.5 | |
| vmware | esxi | 5.5 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", matchCriteriaId: "C05F1671-5010-4BB5-BFA7-217FBB946B59", versionEndExcluding: "8.5.6", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "AB3E0004-E6F1-4C0D-9B24-A7F1AF4BCBD8", versionEndExcluding: "8.5.6", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", matchCriteriaId: "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*", matchCriteriaId: "5DB0B91B-F8F6-456F-8FBD-7B98A9ABA95A", versionEndExcluding: "12.5.5", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "17F1AB0A-CD31-4FE7-AE1F-4C6A111D1C62", versionEndExcluding: "12.5.5", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*", matchCriteriaId: "BB90FDCA-A848-4D4D-8A6F-FD04D702EC85", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:1:*:*:*:*:*:*", matchCriteriaId: "4DC223AC-EB3D-48CF-A6CC-D35E00A38394", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:2:*:*:*:*:*:*", matchCriteriaId: "75C8E87E-A869-49F8-89F9-DE64A45CDB35", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:3a:*:*:*:*:*:*", matchCriteriaId: "E7F8878C-F73D-4549-9607-74880176D2B0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:3b:*:*:*:*:*:*", matchCriteriaId: "E47D369F-13B2-42B3-BB74-60AAD0954B26", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*", matchCriteriaId: "3E8861F4-D390-4738-BBF0-9EE4684E9667", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:1:*:*:*:*:*:*", matchCriteriaId: "52403C80-3022-4E5B-B16A-24B116D1E6B9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:1a:*:*:*:*:*:*", matchCriteriaId: "FBECED2E-05FD-492E-8B57-9BB8ADA82444", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:1b:*:*:*:*:*:*", matchCriteriaId: "3C3FBBA4-01FA-45B5-AEDF-FFFE941163FE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:2:*:*:*:*:*:*", matchCriteriaId: "A63E3C72-3145-4661-BBCD-8A67EC0CDDF3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:3:*:*:*:*:*:*", matchCriteriaId: "9159F6E1-6A36-4D3C-85B1-2205B90CD244", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:3a:*:*:*:*:*:*", matchCriteriaId: "C2C08C24-FBAC-49B8-AABF-4FF8BADA3412", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*", matchCriteriaId: "FBA15143-734D-4889-8B5A-2445A2DDDD4B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. This issue may lead to an information leak.", }, { lang: "es", value: "ESXi versiones 6.5 sin parche ESXi650-201703410-SG, 6.0 U3 sin parche ESXi600-201703401-SG, 6.0 U2 sin parche ESXi600-201703403-SG, 6.0 U1 sin parche ESXi600-201703402-SG, 5.5 sin parche ESXi550-201701401-SG; Workstation Pro / Player versiones 12.x anteriores a 12.5.5; y Fusion Pro / Fusion versiones 8.x anteriores a 8.5.6 de VMware, presenta un uso de memoria no inicializada. Este problema puede conducir a un filtrado de información.", }, ], id: "CVE-2017-4905", lastModified: "2024-11-21T03:26:38.497", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-06-07T18:29:00.413", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97164", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038148", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038149", }, { source: "security@vmware.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97164", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038148", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038149", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-908", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-16 17:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | horizon_client | * | |
| vmware | workstation_player | * | |
| vmware | workstation_pro | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:horizon_client:*:*:*:*:*:windows:*:*", matchCriteriaId: "6601BC5A-C99B-4B9A-A112-C4382C04171C", versionEndExcluding: "5.4.4", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*", matchCriteriaId: "D5C1D4AB-9A63-4660-B07A-5A78B3D16962", versionEndExcluding: "16.0.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "14D38E88-C39B-4DB7-91E6-3EBE20ED27FC", versionEndExcluding: "16.0.0", versionStartIncluding: "15.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.", }, { lang: "es", value: "VMware Workstation (versión 15.x) y Horizon Client para Windows (versiones 5.x anteriores a 5.4.4), contienen una vulnerabilidad de divulgación de información debido a un problema de desbordamiento de enteros en el componente Cortado ThinPrint. Un actor malicioso con acceso normal a una máquina virtual puede ser capaz de explotar este problema para filtrar la memoria del proceso TPView que se ejecuta en el sistema donde está instalado Workstation o Horizon Client para Windows. La explotación solo es posible si la impresión virtual ha sido habilitada. Esta función no está habilitada por defecto en Workstation, pero está habilitada por defecto en Horizon Client", }, ], id: "CVE-2020-3990", lastModified: "2024-11-21T05:32:07.320", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-16T17:15:14.203", references: [ { source: "security@vmware.com", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-06-07 18:29
Modified
2024-11-21 03:26
Severity ?
Summary
VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit this issue to crash the VM or trigger an out-of-bound read. Note: This issue can be triggered only when the host has no graphics card or no graphics drivers are installed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://www.securityfocus.com/bid/96771 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1037979 | ||
| security@vmware.com | http://www.vmware.com/security/advisories/VMSA-2017-0003.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96771 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037979 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2017-0003.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation_player | 12.0.0 | |
| vmware | workstation_player | 12.0.1 | |
| vmware | workstation_player | 12.1.0 | |
| vmware | workstation_player | 12.5.0 | |
| vmware | workstation_player | 12.5.1 | |
| vmware | workstation_pro | 12.0.0 | |
| vmware | workstation_pro | 12.0.1 | |
| vmware | workstation_pro | 12.1.0 | |
| vmware | workstation_pro | 12.5.0 | |
| vmware | workstation_pro | 12.5.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8ABE47D4-506C-4132-829B-19A61ED35F4A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "67CDB0AC-25B6-4397-9784-386C81C37352", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C48608C8-B7A6-47DD-8C78-44EB2B0D6C0C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.0:*:*:*:*:*:*:*", matchCriteriaId: "8E1D4E53-DEB3-4143-B619-4431DB47341F", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.1:*:*:*:*:*:*:*", matchCriteriaId: "C83B3D50-43FF-4034-9C75-F44939D60378", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E3E8337D-BC36-4910-A998-309D277D008C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0E91FE31-B442-4EE3-A415-D635A5CCA6C2", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C67B92FB-CE89-479D-97DF-237C77BF307B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8A83855-1411-4CA8-A005-5AA58D1CB32A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.1:*:*:*:*:*:*:*", matchCriteriaId: "3516D484-83AF-470E-9E9A-AFE3BBE4F75D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit this issue to crash the VM or trigger an out-of-bound read. Note: This issue can be triggered only when the host has no graphics card or no graphics drivers are installed.", }, { lang: "es", value: "Workstation Pro/Player versiones 12.x anteriores a 12.5.3 de VMware, contiene una vulnerabilidad de seguridad que se presenta en el controlador SVGA. Un atacante puede explotar este problema para bloquear la máquina virtual o activar una lectura fuera de límite. Nota: este problema se puede desencadenar solo cuando el host no tiene tarjeta gráfica o no hay controladores gráficos instalados.", }, ], id: "CVE-2017-4899", lastModified: "2024-11-21T03:26:37.707", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 1.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-06-07T18:29:00.257", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/96771", }, { source: "security@vmware.com", url: "http://www.securitytracker.com/id/1037979", }, { source: "security@vmware.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/96771", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1037979", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-06-07 18:29
Modified
2024-11-21 03:26
Severity ?
Summary
VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://www.securityfocus.com/bid/97163 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1038148 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1038149 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.vmware.com/security/advisories/VMSA-2017-0006.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97163 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038148 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038149 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2017-0006.html | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*", matchCriteriaId: "5DB0B91B-F8F6-456F-8FBD-7B98A9ABA95A", versionEndExcluding: "12.5.5", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "17F1AB0A-CD31-4FE7-AE1F-4C6A111D1C62", versionEndExcluding: "12.5.5", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*", matchCriteriaId: "BB90FDCA-A848-4D4D-8A6F-FD04D702EC85", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:1:*:*:*:*:*:*", matchCriteriaId: "4DC223AC-EB3D-48CF-A6CC-D35E00A38394", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:2:*:*:*:*:*:*", matchCriteriaId: "75C8E87E-A869-49F8-89F9-DE64A45CDB35", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:3a:*:*:*:*:*:*", matchCriteriaId: "E7F8878C-F73D-4549-9607-74880176D2B0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:3b:*:*:*:*:*:*", matchCriteriaId: "E47D369F-13B2-42B3-BB74-60AAD0954B26", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*", matchCriteriaId: "FBA15143-734D-4889-8B5A-2445A2DDDD4B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*", matchCriteriaId: "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*", matchCriteriaId: "0D2ED442-3F6D-472A-AA98-51D05A65B2E0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*", matchCriteriaId: "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", matchCriteriaId: "C05F1671-5010-4BB5-BFA7-217FBB946B59", versionEndExcluding: "8.5.6", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "AB3E0004-E6F1-4C0D-9B24-A7F1AF4BCBD8", versionEndExcluding: "8.5.6", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", matchCriteriaId: "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host.", }, { lang: "es", value: "Wmware ESXi sin el parche ESXi650-201703410-SG y 5.5 sin el parche ESXi550-201703401-SG; Workstation Pro / Player 12.x anterior a 12.5.5 y Fusion Pro /Fusion 8.x anterior a la 8.5.6 tiene un buffer overflow basado en el heap --heap-- en SVGA. Este problema permitiría a un huésped ejecutar código en el host.", }, ], id: "CVE-2017-4902", lastModified: "2024-11-21T03:26:38.070", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-06-07T18:29:00.317", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97163", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038148", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038149", }, { source: "security@vmware.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97163", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038148", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038149", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-12-29 09:59
Modified
2025-04-12 10:46
Severity ?
Summary
VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via an EMF file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation_player | 12.0.0 | |
| vmware | workstation_player | 12.0.1 | |
| vmware | workstation_player | 12.1.0 | |
| vmware | workstation_player | 12.1.1 | |
| vmware | workstation_pro | 12.0.0 | |
| vmware | workstation_pro | 12.0.1 | |
| vmware | workstation_pro | 12.1.0 | |
| vmware | workstation_pro | 12.1.1 | |
| microsoft | windows | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8ABE47D4-506C-4132-829B-19A61ED35F4A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "67CDB0AC-25B6-4397-9784-386C81C37352", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C48608C8-B7A6-47DD-8C78-44EB2B0D6C0C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1787E49C-19A5-428D-9BEA-5500B3DD60F8", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E3E8337D-BC36-4910-A998-309D277D008C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0E91FE31-B442-4EE3-A415-D635A5CCA6C2", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C67B92FB-CE89-479D-97DF-237C77BF307B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F44F5FBF-DD1D-41F8-A1EC-9720DBC89008", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via an EMF file.", }, { lang: "es", value: "VMware Workstation Pro 12.x en versiones anteriores a 12.5.0 y VMware Workstation Player 12.x en versiones anteriores a 12.5.0 en Windows, cuando la impresión virtual Cortado ThinPrint está habilitada, permiten a usuarios invitados del SO ejecutar código arbitrario en el SO anfitrión o provocar una denegación de servicio (corrupción de memoria del SO anfitrión) a través de un archivo EMF.", }, ], id: "CVE-2016-7082", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 5.9, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 8.5, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.1, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-12-29T09:59:00.367", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92934", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1036805", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92934", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036805", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-16 17:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an out-of-bounds write issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to create a partial denial-of-service condition on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | horizon_client | * | |
| vmware | workstation_player | * | |
| vmware | workstation_pro | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:horizon_client:*:*:*:*:*:windows:*:*", matchCriteriaId: "6601BC5A-C99B-4B9A-A112-C4382C04171C", versionEndExcluding: "5.4.4", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*", matchCriteriaId: "D5C1D4AB-9A63-4660-B07A-5A78B3D16962", versionEndExcluding: "16.0.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "14D38E88-C39B-4DB7-91E6-3EBE20ED27FC", versionEndExcluding: "16.0.0", versionStartIncluding: "15.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an out-of-bounds write issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to create a partial denial-of-service condition on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.", }, { lang: "es", value: "VMware Workstation (versión 15.x) y Horizon Client para Windows (versión 5.x anteriores a 5.4.4), contienen una vulnerabilidad de denegación de servicio debido a un problema de escritura fuera de límites en el componente Cortado ThinPrint. Un actor malicioso con acceso normal a una máquina virtual puede ser capaz de explotar este problema para crear una condición de denegación de servicio parcial en el sistema donde está instalado Workstation o Horizon Client para Windows. La explotación solo es posible si se ha habilitado la impresión virtual. Esta función no está habilitada por defecto en Workstation, pero está habilitada por defecto en Horizon Client", }, ], id: "CVE-2020-3989", lastModified: "2024-11-21T05:32:07.220", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-16T17:15:14.093", references: [ { source: "security@vmware.com", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-16 17:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (JPEG2000 parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | horizon_client | * | |
| vmware | workstation_player | * | |
| vmware | workstation_pro | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:horizon_client:*:*:*:*:*:windows:*:*", matchCriteriaId: "6601BC5A-C99B-4B9A-A112-C4382C04171C", versionEndExcluding: "5.4.4", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*", matchCriteriaId: "D5C1D4AB-9A63-4660-B07A-5A78B3D16962", versionEndExcluding: "16.0.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "14D38E88-C39B-4DB7-91E6-3EBE20ED27FC", versionEndExcluding: "16.0.0", versionStartIncluding: "15.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (JPEG2000 parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.", }, { lang: "es", value: "VMware Workstation (versión 15.x) y Horizon Client para Windows (versión 5.x anteriores a 5.4.4), contienen una vulnerabilidad de lectura fuera de límites en el componente Cortado ThinPrint (analizador JPEG2000). Un actor malicioso con acceso normal a una máquina virtual puede explotar estos problemas para crear una condición de denegación de servicio parcial o para filtrar la memoria del proceso TPView que se ejecuta en el sistema donde está instalado Workstation o Horizon Client para Windows", }, ], id: "CVE-2020-3988", lastModified: "2024-11-21T05:32:07.120", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.6, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-16T17:15:14.017", references: [ { source: "security@vmware.com", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-12-20 15:29
Modified
2024-11-21 03:26
Severity ?
Summary
VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://www.securitytracker.com/id/1040024 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1040025 | Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2017-0021.html | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040024 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040025 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2017-0021.html | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation_pro | * | |
| vmware | workstation_pro | 14.0 | |
| vmware | workstation_pro | 14.1.0 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | fusion | * | |
| apple | mac_os_x | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "FE8FC688-FBC8-4BBF-BEC6-D8B85B61C3D4", versionEndExcluding: "12.5.8", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:14.0:*:*:*:*:*:*:*", matchCriteriaId: "CFC8B7E0-C0D4-416C-B9BD-011B0DCE9A07", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:14.1.0:*:*:*:*:*:*:*", matchCriteriaId: "4E5AECF4-F516-4FB8-906D-E8608D331C35", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*", matchCriteriaId: "FBA15143-734D-4889-8B5A-2445A2DDDD4B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*", matchCriteriaId: "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*", matchCriteriaId: "0D2ED442-3F6D-472A-AA98-51D05A65B2E0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*", matchCriteriaId: "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*", matchCriteriaId: "F948E806-0F73-4145-A723-7A43BA45842B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*", matchCriteriaId: "75FAFF86-C65F-4723-8A63-BACE2F797937", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*", matchCriteriaId: "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*", matchCriteriaId: "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*", matchCriteriaId: "6FA9E337-B4F3-4895-BA58-962F8CDEE73E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*", matchCriteriaId: "830B0BC1-A368-49AC-B6C9-B000972EF92A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*", matchCriteriaId: "614394F3-3BEE-4E12-AABF-436D54A04313", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*", matchCriteriaId: "350FD3CE-8B64-4FCF-82DE-BE941156F4F6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*", matchCriteriaId: "C9EAE177-6C7E-4C1B-ADEE-2C036F731272", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*", matchCriteriaId: "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*", matchCriteriaId: "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*", matchCriteriaId: "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*", matchCriteriaId: "7ACC1A72-F6B6-430A-AB89-AB0A11587F58", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*", matchCriteriaId: "45111C74-BF6F-4C05-A0D3-CE325AD0C02B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*", matchCriteriaId: "B1CE5849-01B1-4E36-83E8-496A3F328C9C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*", matchCriteriaId: "A879BA05-3A80-4EBC-AA9D-9B53695425B4", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*", matchCriteriaId: "3D65A0E8-A1E0-42F3-B77D-2F32979278BB", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*", matchCriteriaId: "80C10150-39BA-4818-B48F-8645D4A0D316", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*", matchCriteriaId: "9792B986-86EF-40E0-9427-A45F858717E1", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*", matchCriteriaId: "37EDD688-C91A-4A35-913A-82E156ADD242", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*", matchCriteriaId: "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*", matchCriteriaId: "47DA50DA-7CA4-4B76-8B3B-A5732509F71D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*", matchCriteriaId: "76EB1A04-0645-4909-AEF9-33D6FADA4793", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*", matchCriteriaId: "F1A35723-D968-42D6-89EB-86CA550516E6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*", matchCriteriaId: "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*", matchCriteriaId: "2D6A3952-8429-4762-8701-47D7C1F05A5F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", matchCriteriaId: "20740117-8BC1-47B8-AA10-8ADF91F1CA86", versionEndExcluding: "8.5.9", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", matchCriteriaId: "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.", }, { lang: "es", value: "VMware ESXi (6.5 anteriores a ESXi650-201710401-BG), Workstation (12.x anteriores a la 12.5.8) y Fusion (8.x anteriores a la 8.5.9) contienen una vulnerabilidad que podría permitir que una sesión VNC autenticada provoque un desbordamiento de memoria dinámica (heap) mediante una serie específica de paquetes VNC, resultando en una corrupción de memoria dinámica. La explotación exitosa de esta vulnerabilidad podría resultar en la ejecución remota de código en una máquina virtual mediante la sesión VNC autenticada. Nota: Para que sea posible la explotación en ESXi, VNC debe estar habilitado manualmente en un archivo de configuración .vmx de la máquina virtual. Además, ESXi se debe configurar para permitir el tráfico VNC a través del firewall incorporado.", }, ], id: "CVE-2017-4933", lastModified: "2024-11-21T03:26:41.893", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-20T15:29:00.217", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040024", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040025", }, { source: "security@vmware.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040025", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0021.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-06-07 18:29
Modified
2024-11-21 03:26
Severity ?
Summary
VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://www.securityfocus.com/bid/96770 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1037979 | ||
| security@vmware.com | http://www.vmware.com/security/advisories/VMSA-2017-0003.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96770 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037979 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2017-0003.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation_player | 12.0.0 | |
| vmware | workstation_player | 12.0.1 | |
| vmware | workstation_player | 12.1.0 | |
| vmware | workstation_player | 12.5.0 | |
| vmware | workstation_player | 12.5.1 | |
| vmware | workstation_player | 12.5.2 | |
| vmware | workstation_pro | 12.0.0 | |
| vmware | workstation_pro | 12.0.1 | |
| vmware | workstation_pro | 12.1.0 | |
| vmware | workstation_pro | 12.5.0 | |
| vmware | workstation_pro | 12.5.1 | |
| vmware | workstation_pro | 12.5.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8ABE47D4-506C-4132-829B-19A61ED35F4A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "67CDB0AC-25B6-4397-9784-386C81C37352", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C48608C8-B7A6-47DD-8C78-44EB2B0D6C0C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.0:*:*:*:*:*:*:*", matchCriteriaId: "8E1D4E53-DEB3-4143-B619-4431DB47341F", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.1:*:*:*:*:*:*:*", matchCriteriaId: "C83B3D50-43FF-4034-9C75-F44939D60378", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.2:*:*:*:*:*:*:*", matchCriteriaId: "A1613CB4-1088-40F1-A5E8-584284A980D0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E3E8337D-BC36-4910-A998-309D277D008C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0E91FE31-B442-4EE3-A415-D635A5CCA6C2", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C67B92FB-CE89-479D-97DF-237C77BF307B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8A83855-1411-4CA8-A005-5AA58D1CB32A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.1:*:*:*:*:*:*:*", matchCriteriaId: "3516D484-83AF-470E-9E9A-AFE3BBE4F75D", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.2:*:*:*:*:*:*:*", matchCriteriaId: "2F5A845C-E2CA-4C3A-8019-22C7DC2EA6DB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.", }, { lang: "es", value: "VMware Workstation Pro/Player 12.x anterior a 12.5.3 contiene una vulnerabilidad de puntero NULL que existe en el driver SVGA. Una explotación satisfactoria de este problema permitirá a los atacantes con privilegios de usuario normal hacer caer la aplicación.", }, ], id: "CVE-2017-4900", lastModified: "2024-11-21T03:26:37.830", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-06-07T18:29:00.287", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/96770", }, { source: "security@vmware.com", url: "http://www.securitytracker.com/id/1037979", }, { source: "security@vmware.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/96770", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1037979", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-05-22 14:29
Modified
2024-11-21 03:26
Severity ?
Summary
VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation of this issue may allow host users with normal user privileges to trigger a denial-of-service in a Windows host machine.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation_player | 12.0.0 | |
| vmware | workstation_pro | 12.0.0 | |
| microsoft | windows | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8ABE47D4-506C-4132-829B-19A61ED35F4A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E3E8337D-BC36-4910-A998-309D277D008C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation of this issue may allow host users with normal user privileges to trigger a denial-of-service in a Windows host machine.", }, { lang: "es", value: "Workstation Pro/Player de VMware, contiene una vulnerabilidad de desreferencia de un puntero NULL que se presenta en el controlador vstor2. La explotación con éxito de este problema puede permitir a los usuarios del host con privilegios de usuario normal desencadenar una denegación de servicio en una máquina host de Windows.", }, ], id: "CVE-2017-4916", lastModified: "2024-11-21T03:26:39.730", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-05-22T14:29:00.230", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98560", }, { source: "security@vmware.com", url: "http://www.securitytracker.com/id/1038526", }, { source: "security@vmware.com", url: "https://www.exploit-db.com/exploits/42140/", }, { source: "security@vmware.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98560", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1038526", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/42140/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0009.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-16 17:15
Modified
2024-11-21 05:49
Severity ?
Summary
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0004.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0004.html | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*", matchCriteriaId: "28769D3C-0C46-4E6B-A8E2-75A7B64B1D47", versionEndExcluding: "3.11", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*", matchCriteriaId: "DBED072F-DE79-41C6-AD4F-02E10BD27FBD", versionEndExcluding: "4.4", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", matchCriteriaId: "6735BF82-477F-498C-90E6-A744DECEEB1E", versionEndExcluding: "12.2.1", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*", matchCriteriaId: "004F4859-2B2B-472E-A135-122B46BBE427", versionEndExcluding: "16.2.1", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "59A4C2DD-155D-41F0-9A03-40FD949BDBCD", versionEndExcluding: "16.2.1", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*", matchCriteriaId: "FBA15143-734D-4889-8B5A-2445A2DDDD4B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-202202401:*:*:*:*:*:*", matchCriteriaId: "4C47BEFC-1434-4676-A123-359A500F19BC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*", matchCriteriaId: "B2792D06-A73E-4A56-A152-82E1AD4E707D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*", matchCriteriaId: "0CE9D758-2170-4ACD-965C-C76BDA693466", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*", matchCriteriaId: "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*", matchCriteriaId: "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*", matchCriteriaId: "8B75B45F-E25A-4362-856D-465A9F8B70DB", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*", matchCriteriaId: "EDA4AE4C-3BA8-472D-950A-3C8684565CD8", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*", matchCriteriaId: "6AA3617D-B911-4BC5-B544-B31D4F43D2B3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*", matchCriteriaId: "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*", matchCriteriaId: "047A71B3-CDFB-41F3-B2DE-11360DAE5744", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*", matchCriteriaId: "F88691FD-F263-4B75-BF21-481BC1623C3C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*", matchCriteriaId: "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*", matchCriteriaId: "36A67476-2E8E-4104-9F10-7AE42F82508F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*", matchCriteriaId: "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*", matchCriteriaId: "E2283675-582F-44A8-833B-B5B439CBFA1E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*", matchCriteriaId: "94C4A188-6B00-48C4-B7E2-9F70811BF618", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*", matchCriteriaId: "F82943E9-E2D0-49F4-BD32-40E84BA1957E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*", matchCriteriaId: "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*", matchCriteriaId: "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*", matchCriteriaId: "554434AB-763F-4E95-B616-F7594041D511", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*", matchCriteriaId: "CE56E7AC-F63D-4A4B-9B45-0E623973B14B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*", matchCriteriaId: "36664142-0111-42F5-A371-AD2C0DF211EF", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*", matchCriteriaId: "49EA78B6-8208-4351-88F9-103CA01EF3A1", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*", matchCriteriaId: "27AC575F-9AC4-4AA1-A71C-BF9F752295F1", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*", matchCriteriaId: "4C0F47F3-0509-45AC-8EA9-37246E4E6095", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*", matchCriteriaId: "CE103301-6AEF-4348-8F36-833021739AEF", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*", matchCriteriaId: "8D92B2FF-8962-41F9-B019-D83AAAD188FC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*", matchCriteriaId: "8E6D5227-3421-412F-9BE0-583AA768446D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*", matchCriteriaId: "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*", matchCriteriaId: "82BA9EB1-4EFB-4649-92C7-2C307966956E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*", matchCriteriaId: "2133378D-8DFD-48B9-83A1-9FA7DDC68902", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*", matchCriteriaId: "57BF8703-0C83-4BA5-B0F7-FB6E45229685", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*", matchCriteriaId: "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*", matchCriteriaId: "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*", matchCriteriaId: "27FA0C0E-B5A2-4619-998B-CFB45496D895", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*", matchCriteriaId: "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*", matchCriteriaId: "8E756914-2C2A-4999-AAEA-2F6835A29C49", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*", matchCriteriaId: "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*", matchCriteriaId: "5BF2FE18-A90E-429A-98D1-9A97DD0464B0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*", matchCriteriaId: "92289D85-0652-41D1-A6BA-D4B8C7EE1F45", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*", matchCriteriaId: "CF41887D-B145-4D01-9AEF-2E36479B2FA1", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*", matchCriteriaId: "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*", matchCriteriaId: "36234CE1-FA7E-4534-9720-410435E2BAEE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*", matchCriteriaId: "ABE65721-57C0-4748-B159-F6D97CE8CAB9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*", matchCriteriaId: "CD1889D7-3313-4004-AA42-7879E8551413", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*", matchCriteriaId: "494E0B07-CE16-46D4-A89B-4F12A6CECDF4", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*", matchCriteriaId: "DD046237-16D7-4A57-9F09-2A6A649368C6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*", matchCriteriaId: "8343E8DB-1D54-4B82-9254-2E2AFC548609", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*", matchCriteriaId: "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*", matchCriteriaId: "0169E032-F47A-45E0-BC33-B7DF54EC11BF", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*", matchCriteriaId: "B0FCF0BB-9905-415A-8E30-DB96CCC49782", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*", matchCriteriaId: "7264CDC9-FB2D-45A9-9307-C197B1052477", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*", matchCriteriaId: "0C02E0DF-7656-475B-B028-10406DAB30F9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*", matchCriteriaId: "D0538570-759A-441A-BC37-556642C090F9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*", matchCriteriaId: "41340C91-4E96-4578-BB96-6758EBE072E6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*", matchCriteriaId: "9CF906E5-A846-49BA-925B-C6059FD02BFB", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*", matchCriteriaId: "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*", matchCriteriaId: "7D3D0230-53D4-469F-AD46-74F057F6F9B7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*", matchCriteriaId: "322DC091-A4A1-4534-AB5C-0030114A63D9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*", matchCriteriaId: "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*", matchCriteriaId: "4B23002D-D157-412F-B2ED-CD4504C79987", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*", matchCriteriaId: "73DA1453-4756-4C16-9640-B3B0C6F617DF", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*", matchCriteriaId: "8A2AE141-7503-4C0B-B0F1-B67A898FDF24", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*", matchCriteriaId: "589EE886-6927-4AEA-903C-155C23B1747A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*", matchCriteriaId: "4547B798-9F00-4B28-B667-9D38B9E3591B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*", matchCriteriaId: "3BDDFA27-0D99-4D98-B00F-5D038488BAAE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*", matchCriteriaId: "53129601-DDA4-4BF4-8F63-A88890F2D7B5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*", matchCriteriaId: "3F931502-8460-4373-92D7-CFD817F4A062", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*", matchCriteriaId: "B48B12F8-0B49-404E-A6B4-1F6108687C5B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*", matchCriteriaId: "287D4E48-4890-46C2-8B9B-1CE484C9D30A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*", matchCriteriaId: "8CED027A-5B1B-44CC-81DA-AAD00D551C84", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*", matchCriteriaId: "A916EB29-ADE4-4D65-BF8E-98B44E466AEB", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*", matchCriteriaId: "94F87F69-37DD-4170-ACA0-742EE8CFD00E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*", matchCriteriaId: "BC024B88-DEDD-49E5-B668-5B00C212B6A9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*", matchCriteriaId: "ACC3D191-BB1B-4875-9A58-1E6D53128062", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*", matchCriteriaId: "DB9F131B-46BE-44F8-904B-FD0839926B18", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*", matchCriteriaId: "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*", matchCriteriaId: "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*", matchCriteriaId: "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*", matchCriteriaId: "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*", matchCriteriaId: "62772E13-0198-4021-9FB0-59124086B21C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*", matchCriteriaId: "7BD28EE0-808D-4A76-B707-F163527608C5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*", matchCriteriaId: "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*", matchCriteriaId: "79225541-575F-44FC-8ED6-24BA6A4128EF", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*", matchCriteriaId: "7B8868CD-EA52-438C-BFDD-EB41C98BA425", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*", matchCriteriaId: "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*", matchCriteriaId: "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*", matchCriteriaId: "D526CE1D-ED76-44EB-9377-53EF7556E254", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*", matchCriteriaId: "00ECE661-E187-4999-B2CC-CF0EBAE83253", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*", matchCriteriaId: "D7E92A1C-40EB-441B-A634-42609527210A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*", matchCriteriaId: "6C225598-9636-4095-84FE-DD671F2D6000", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*", matchCriteriaId: "111A10BE-FC5A-4272-9719-1DED62694A7A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*", matchCriteriaId: "58C577E8-4B2B-4D91-AFCA-81C7FA04B897", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*", matchCriteriaId: "FC65FCFC-CD55-401A-8986-A1DBF544D228", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*", matchCriteriaId: "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*", matchCriteriaId: "EEBD3AEC-284C-44E1-A4CD-010787114737", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*", matchCriteriaId: "41DE747D-30C9-470D-8447-47B8C95311EA", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*", matchCriteriaId: "42F87C20-5A00-43C9-A445-50AD716233D9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*", matchCriteriaId: "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*", matchCriteriaId: "C1412AFC-CBE8-4151-B01D-785F11ACAB85", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*", matchCriteriaId: "97F27723-5065-4A57-AF07-F9BD35B9B32C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904226-ug:*:*:*:*:*:*", matchCriteriaId: "6431DD1F-2269-4AFB-B486-9B6373F41C57", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*", matchCriteriaId: "94383F22-6A4B-43A5-BA4D-6D25698DFF00", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904227-ug:*:*:*:*:*:*", matchCriteriaId: "3BA5D0CB-E5B0-4C95-91A7-C662BAE01483", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*", matchCriteriaId: "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904228-ug:*:*:*:*:*:*", matchCriteriaId: "A86BDAB4-3924-45A8-9130-517DEA184FA2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*", matchCriteriaId: "E58409B9-DCF2-4383-8A39-D7CE0136EFF8", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201904229-ug:*:*:*:*:*:*", matchCriteriaId: "A6EAE07B-2849-4E3B-B8D0-F68E6440A9D3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*", matchCriteriaId: "00CF4E83-EA1C-4058-8BCC-09B495255F71", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*", matchCriteriaId: "86626D15-8D73-48BA-970B-CE661D5BB59A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*", matchCriteriaId: "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*", matchCriteriaId: "9969057F-BD3A-474E-8A02-087575A8AA92", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*", matchCriteriaId: "7111974A-2A88-4209-8CBB-F872993AE4BB", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*", matchCriteriaId: "35722902-3652-44F1-89C2-08EB51F2A1B9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*", matchCriteriaId: "E469AC46-D464-4960-8F23-CA59B3DCB7C4", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*", matchCriteriaId: "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*", matchCriteriaId: "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*", matchCriteriaId: "739948F5-E005-49E3-B412-4E035C7D95E2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*", matchCriteriaId: "D1828A75-5088-4992-A06B-A58B62536F4B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*", matchCriteriaId: "58030F5A-82E1-4D54-A8F0-30CAAD4C8402", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*", matchCriteriaId: "9A013753-5E40-4CD8-A649-6CD023E0A970", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*", matchCriteriaId: "F554BC79-A92C-4287-9D94-3657C48E36CE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*", matchCriteriaId: "F82710D4-3FAB-469F-B15C-F22B4786AE42", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*", matchCriteriaId: "BDE7B96D-AD37-406D-AF62-3797E7A55119", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*", matchCriteriaId: "A9C294EC-F0BE-44DA-9073-D29D693F0964", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*", matchCriteriaId: "E05B6CD2-A581-46C2-AEA7-D8A6028FB466", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*", matchCriteriaId: "6CEC1380-E75E-40B5-BDE8-94E12317CCCD", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*", matchCriteriaId: "C7B7079D-785C-4941-929A-C82B54809728", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*", matchCriteriaId: "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*", matchCriteriaId: "31F8FFF5-25BD-408D-9089-567AF16BA608", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*", matchCriteriaId: "EE834CFD-5533-4989-8836-D0F07ED4919C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*", matchCriteriaId: "092F9149-6B82-48CD-B90C-87DB36881F5B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*", matchCriteriaId: "B2EA0EC1-0139-403C-AC9B-08D8530F4A73", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*", matchCriteriaId: "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*", matchCriteriaId: "755CCD27-3C87-497F-BDBB-48D3163909A6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201911001:*:*:*:*:*:*", matchCriteriaId: "2130E67D-7F2A-4D82-BEFD-BA42B6B6FDA7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*", matchCriteriaId: "2635673A-1F6B-4B8D-9C8D-F2FFB9644373", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*", matchCriteriaId: "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*", matchCriteriaId: "1CE71B5C-586B-4829-9A7E-3A008A1C1E35", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*", matchCriteriaId: "802A1549-678C-4001-807B-97AD0953B5A3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*", matchCriteriaId: "A6024926-4AE4-4609-99DE-E3173A72058A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*", matchCriteriaId: "AB1CAAFF-616A-4455-86CA-0ED553D3D27F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*", matchCriteriaId: "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*", matchCriteriaId: "13C713B1-AEA0-40B0-829E-4D0A23808577", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*", matchCriteriaId: "4C501A11-EF97-4402-9366-E624F1CBEDEA", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*", matchCriteriaId: "52AE4120-4AAE-4F15-8575-4C480FBF7817", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*", matchCriteriaId: "04BAED99-1BF3-4089-B6E6-0BE505E6D846", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*", matchCriteriaId: "F318EA34-1EB7-484D-B016-3173683B0823", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*", matchCriteriaId: "08254171-3483-4796-AD29-8C8A66BEA7A2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*", matchCriteriaId: "BB87B220-ED25-4818-8E70-A9663CCEF005", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*", matchCriteriaId: "1275D19D-05C0-42F8-8402-647E512DAC72", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*", matchCriteriaId: "7D919EB9-F45B-4A4B-9887-7DE98065B766", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*", matchCriteriaId: "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*", matchCriteriaId: "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*", matchCriteriaId: "92E98665-4919-4D45-88CF-28835DADD6E5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*", matchCriteriaId: "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*", matchCriteriaId: "497F58A2-0A2C-4A59-A73B-31C956EF3CD9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202010001:*:*:*:*:*:*", matchCriteriaId: "18E8632C-E442-4F18-BFE2-96AE5C839F0E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202011001:*:*:*:*:*:*", matchCriteriaId: "13D69B99-CB36-45DD-9FD9-C58186998200", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202011002:*:*:*:*:*:*", matchCriteriaId: "EF0BC157-1834-46D8-9BF9-0CE9648C7D8B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202102001:*:*:*:*:*:*", matchCriteriaId: "728136B6-47A7-42BC-9464-7745E4F2B4FB", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202103001:*:*:*:*:*:*", matchCriteriaId: "3967967A-E0A5-45B3-999C-D749A9B0C791", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.7:670-202111101:*:*:*:*:*:*", matchCriteriaId: "644588BB-2A6D-481C-9B2F-756C23B989DE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*", matchCriteriaId: "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*", matchCriteriaId: "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*", matchCriteriaId: "D3E3A02D-6C1E-4DE8-B845-60F53C056F32", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*", matchCriteriaId: "4ADC3CFF-7415-46A5-817A-2F053B261E8C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.", }, { lang: "es", value: "VMware ESXi, Workstation y Fusion contienen una vulnerabilidad de uso de memoria previamente liberada en el controlador USB XHCI. Un actor malicioso con privilegios administrativos locales en una máquina virtual puede aprovechar este problema para ejecutar código como el proceso VMX de la máquina virtual que es ejecutada en el host", }, ], id: "CVE-2021-22040", lastModified: "2024-11-21T05:49:29.040", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-16T17:15:10.413", references: [ { source: "security@vmware.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2022-0004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2022-0004.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-09-15 13:29
Modified
2024-11-21 03:26
Severity ?
Summary
VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://www.securityfocus.com/bid/100842 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1039367 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1039368 | Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2017-0015.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100842 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039367 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039368 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2017-0015.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*", matchCriteriaId: "BB90FDCA-A848-4D4D-8A6F-FD04D702EC85", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:1:*:*:*:*:*:*", matchCriteriaId: "4DC223AC-EB3D-48CF-A6CC-D35E00A38394", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:2:*:*:*:*:*:*", matchCriteriaId: "75C8E87E-A869-49F8-89F9-DE64A45CDB35", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:3a:*:*:*:*:*:*", matchCriteriaId: "E7F8878C-F73D-4549-9607-74880176D2B0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:3b:*:*:*:*:*:*", matchCriteriaId: "E47D369F-13B2-42B3-BB74-60AAD0954B26", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:550-20170901001s:*:*:*:*:*:*", matchCriteriaId: "45551873-2E14-4324-9946-C22079F7D0D0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*", matchCriteriaId: "3E8861F4-D390-4738-BBF0-9EE4684E9667", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:1:*:*:*:*:*:*", matchCriteriaId: "52403C80-3022-4E5B-B16A-24B116D1E6B9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:1a:*:*:*:*:*:*", matchCriteriaId: "FBECED2E-05FD-492E-8B57-9BB8ADA82444", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:1b:*:*:*:*:*:*", matchCriteriaId: "3C3FBBA4-01FA-45B5-AEDF-FFFE941163FE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:2:*:*:*:*:*:*", matchCriteriaId: "A63E3C72-3145-4661-BBCD-8A67EC0CDDF3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:3:*:*:*:*:*:*", matchCriteriaId: "9159F6E1-6A36-4D3C-85B1-2205B90CD244", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:3a:*:*:*:*:*:*", matchCriteriaId: "C2C08C24-FBAC-49B8-AABF-4FF8BADA3412", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:*", matchCriteriaId: "2B9D5E67-78C9-495E-91F0-AF94871E5FA2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:*", matchCriteriaId: "6D35CDFE-F0E7-43F7-A307-E3BDDE5AEAD5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:*", matchCriteriaId: "ADC13026-3B5A-4BF0-BDEC-B77338E427E8", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:*", matchCriteriaId: "6CBA70BA-FFCD-4D2D-AD26-95CC62748937", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:*", matchCriteriaId: "4C92DD8B-8AB8-40D4-8E86-12FEB055D37A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:*", matchCriteriaId: "C58D77F5-CDB2-47DA-A879-BABEBE2E1E04", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:*", matchCriteriaId: "D0C324FB-3989-4A4A-BF5B-C40CA698DDB7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:*", matchCriteriaId: "0E7AC58E-D1F8-4FDF-9A28-61CF6158330A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:*", matchCriteriaId: "489EE0F6-5510-470E-8711-DC08B4AFB4F7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:*", matchCriteriaId: "6719ED6F-CBC3-4B1E-9343-23DC3BA15FDA", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:*", matchCriteriaId: "DDAA48A9-9319-4104-B151-D529E5EBF0F7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:*", matchCriteriaId: "D16CD918-5075-4975-8B1E-21D8AD35A28E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:*", matchCriteriaId: "7A38CD8E-494D-4E0E-A300-8550FC81FAE4", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:*", matchCriteriaId: "1F40ABE8-8DED-4633-A34C-00DF5D510E71", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:*", matchCriteriaId: "1736B975-089B-413C-8CA0-5524B957EF9A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:*", matchCriteriaId: "0E4DCBF6-7189-497A-B923-08574443172C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:*", matchCriteriaId: "16FBA646-0B5E-44A7-BB12-29D5C611AEC5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:*", matchCriteriaId: "29F57497-7B48-4D0C-B8F5-8D33062BECEE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:*", matchCriteriaId: "ADDE96C7-C489-4D14-990B-8524627A23D2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:*", matchCriteriaId: "AD82C093-FD98-45DE-9EE6-A05E81A1FEC6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:*", matchCriteriaId: "08789F9E-CDC7-4F89-B925-92C9E3AE5234", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:*", matchCriteriaId: "26ABB84C-B4BF-424E-8F4C-D2B6BE0AC79E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:*", matchCriteriaId: "621C203B-4B66-49CC-A35D-D7703109BF14", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:*", matchCriteriaId: "3261BDEF-D89C-41D9-A360-EC36EAB17490", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:*", matchCriteriaId: "5170A4F6-02B7-4225-B944-73DB5A4D332C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:*", matchCriteriaId: "62A97DBA-A56B-4F0B-B9C4-44B5166681AF", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:*", matchCriteriaId: "806C8BE6-A2BE-45BE-BEF2-396BEB16FCC3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:*", matchCriteriaId: "DBA6211E-134A-484E-8444-FBB5070B395D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:*", matchCriteriaId: "3E7B05B3-4076-4A44-B9A6-A44419F175C2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:*", matchCriteriaId: "1A1636B4-6E79-42D7-AA62-5EE43412B43A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:*", matchCriteriaId: "0F0377D0-BBED-41BF-80C5-58414ED413EE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:*", matchCriteriaId: "6495283C-D18A-4DDA-852E-46F2273D6DAC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:*", matchCriteriaId: "09DEFEE5-5E9E-4F3A-A245-3E8E2B291339", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:*", matchCriteriaId: "4B5A97A3-65DB-4697-9CF1-B4F5E4E4132F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:*", matchCriteriaId: "17A84E0A-1429-467F-9EE1-FCA062392DC2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:*", matchCriteriaId: "C591163D-64BC-403B-A460-5B2258EC2F8A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:*", matchCriteriaId: "ED932B89-D34D-4398-8F79-AF98987CAFD0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:*", matchCriteriaId: "ABD365A0-0B09-4EC2-9973-691144C99507", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:*", matchCriteriaId: "FBE64DC7-A9D1-416F-89BF-D9F8DD8174AA", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:*", matchCriteriaId: "0E198AE4-A6A3-4875-A7DA-44BE9E1B280F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:*", matchCriteriaId: "2FDD5BA0-8180-484D-8308-B0862B6E9DC3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:*", matchCriteriaId: "96A6EB9A-A908-42D1-A6BC-E38E861BBECE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:*", matchCriteriaId: "651EDCAA-D785-464D-AE41-425A69F6FFB7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:*", matchCriteriaId: "1B3C704C-9D60-4F72-B482-07F209985E68", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:*", matchCriteriaId: "C1CFE956-4391-4B71-BD0B-96A008A624B7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:*", matchCriteriaId: "409778CD-9AB3-4793-A5F5-8D8657F81442", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:*", matchCriteriaId: "F7EA75DB-B6BE-4E75-89B6-C69E96CBD7BF", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:*", matchCriteriaId: "0DC45A8B-6DE0-465F-9644-B75A09394F25", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:*", matchCriteriaId: "7A265671-BCB0-401A-A1E8-500F9D41492E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:*", matchCriteriaId: "83168067-1E43-4186-9B15-3FC702C6583C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:*", matchCriteriaId: "8C122DB4-8410-4C4E-87BE-EB3175CE182B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:*", matchCriteriaId: "C76ED78D-0778-4269-938E-BB7586C1E44E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:*", matchCriteriaId: "7A1F78C5-E995-4E37-83C5-5B6A1D39E549", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:*", matchCriteriaId: "7A2E842D-AF37-4641-AD05-B91F250E7487", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:*", matchCriteriaId: "A07EAC87-32FD-4553-B71D-181F2C66AE68", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:*", matchCriteriaId: "AD6F0D62-4C51-46D6-A6C4-E479BE6B2C91", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:*", matchCriteriaId: "865D3042-68ED-44B9-A036-9433F7463D6F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:*", matchCriteriaId: "FC4FEF78-D2DA-4CCE-BB81-7E2090ED545C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:*", matchCriteriaId: "11AE3F61-9655-4B20-96E1-92112BE2BEDC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:*", matchCriteriaId: "ECE35166-3019-450B-9C69-484E4EDE5A6D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:*", matchCriteriaId: "D892B066-381B-4F46-8363-7BA1647BBCD8", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:*", matchCriteriaId: "710DB381-5504-4493-8D0A-17AB8E5A903B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:*", matchCriteriaId: "42AAA3B7-B74D-4B67-8BD3-1D9B5ED1E037", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:*", matchCriteriaId: "33CBCA55-010E-4E84-B2F8-F9B53D5A3340", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:*", matchCriteriaId: "95A73B4B-F9B3-4D66-9668-902902C73CB6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:*", matchCriteriaId: "8D14D51D-E2EA-4826-8C6E-AF1C15F12384", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:*", matchCriteriaId: "BED100A1-9D59-48BE-91D4-0C8F2D678E6E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:*", matchCriteriaId: "660B51F2-DFE0-49F6-AD2A-6E94B20F4019", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201703401:*:*:*:*:*:*", matchCriteriaId: "8BF80536-348A-468E-AC1C-DA53632FCC83", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*", matchCriteriaId: "FBA15143-734D-4889-8B5A-2445A2DDDD4B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*", matchCriteriaId: "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*", matchCriteriaId: "0D2ED442-3F6D-472A-AA98-51D05A65B2E0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*", matchCriteriaId: "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*", matchCriteriaId: "F948E806-0F73-4145-A723-7A43BA45842B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", matchCriteriaId: "436F87D0-646B-44D8-ADB8-444D87971644", versionEndExcluding: "12.5.3", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "119CB5C4-DCF8-492C-924C-5FC46CE5463E", versionEndExcluding: "12.5.3", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", matchCriteriaId: "E5D9E1FD-5D56-48E9-A09B-84CF4A9175EB", versionEndExcluding: "8.5.4", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", matchCriteriaId: "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.", }, { lang: "es", value: "VMware ESXi 6.5 sin el parche ESXi650-201707101-SG, ESXi 6.0 sin el parche ESXi600-201706101-SG, ESXi 5.5 sin el parche ESXi550-201709101-SG, Workstation (en versiones 12.x anteriores a la 12.5.3) y Fusion (en versiones 8.x anteriores a la 8.5.4) contienen una vulnerabilidad de desreferencia de puntero NULL. Este problema ocurre cuando se gestionan peticiones RPC por parte de un invitado. Si se explota esta vulnerabilidad con éxito, los atacantes con privilegios de usuario normal podrían provocar el cierre inesperado de sus máquinas virtuales.", }, ], id: "CVE-2017-4925", lastModified: "2024-11-21T03:26:40.853", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-09-15T13:29:00.243", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/100842", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039367", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039368", }, { source: "security@vmware.com", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/100842", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039367", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039368", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0015.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-12-29 09:59
Modified
2025-04-12 10:46
Severity ?
Summary
Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation_player | 12.0.0 | |
| vmware | workstation_player | 12.0.1 | |
| vmware | workstation_player | 12.1.0 | |
| vmware | workstation_player | 12.1.1 | |
| vmware | workstation_pro | 12.0.0 | |
| vmware | workstation_pro | 12.0.1 | |
| vmware | workstation_pro | 12.1.0 | |
| vmware | workstation_pro | 12.1.1 | |
| microsoft | windows | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8ABE47D4-506C-4132-829B-19A61ED35F4A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "67CDB0AC-25B6-4397-9784-386C81C37352", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C48608C8-B7A6-47DD-8C78-44EB2B0D6C0C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1787E49C-19A5-428D-9BEA-5500B3DD60F8", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E3E8337D-BC36-4910-A998-309D277D008C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0E91FE31-B442-4EE3-A415-D635A5CCA6C2", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C67B92FB-CE89-479D-97DF-237C77BF307B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F44F5FBF-DD1D-41F8-A1EC-9720DBC89008", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.", }, { lang: "es", value: "Vulnerabilidad de ruta de búsqueda no confiable en el instalador en VMware Workstation Pro 12.x en versiones anteriores a 12.5.0 y VMware Workstation Player 12.x en versiones anteriores a 12.5.0 en Windows permite a usuarios locales obtener privilegios a través de un Troyano DLL en un directorio no especificado.", }, ], id: "CVE-2016-7085", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-12-29T09:59:00.447", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92940", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1036805", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92940", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036805", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-426", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-06-07 18:29
Modified
2024-11-21 03:26
Severity ?
Summary
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://www.securityfocus.com/bid/97160 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1038148 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1038149 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.vmware.com/security/advisories/VMSA-2017-0006.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97160 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038148 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038149 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2017-0006.html | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*", matchCriteriaId: "5DB0B91B-F8F6-456F-8FBD-7B98A9ABA95A", versionEndExcluding: "12.5.5", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "17F1AB0A-CD31-4FE7-AE1F-4C6A111D1C62", versionEndExcluding: "12.5.5", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*", matchCriteriaId: "BB90FDCA-A848-4D4D-8A6F-FD04D702EC85", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:1:*:*:*:*:*:*", matchCriteriaId: "4DC223AC-EB3D-48CF-A6CC-D35E00A38394", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:2:*:*:*:*:*:*", matchCriteriaId: "75C8E87E-A869-49F8-89F9-DE64A45CDB35", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:3a:*:*:*:*:*:*", matchCriteriaId: "E7F8878C-F73D-4549-9607-74880176D2B0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:3b:*:*:*:*:*:*", matchCriteriaId: "E47D369F-13B2-42B3-BB74-60AAD0954B26", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*", matchCriteriaId: "3E8861F4-D390-4738-BBF0-9EE4684E9667", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:1:*:*:*:*:*:*", matchCriteriaId: "52403C80-3022-4E5B-B16A-24B116D1E6B9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:1a:*:*:*:*:*:*", matchCriteriaId: "FBECED2E-05FD-492E-8B57-9BB8ADA82444", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:1b:*:*:*:*:*:*", matchCriteriaId: "3C3FBBA4-01FA-45B5-AEDF-FFFE941163FE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:2:*:*:*:*:*:*", matchCriteriaId: "A63E3C72-3145-4661-BBCD-8A67EC0CDDF3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:3:*:*:*:*:*:*", matchCriteriaId: "9159F6E1-6A36-4D3C-85B1-2205B90CD244", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:3a:*:*:*:*:*:*", matchCriteriaId: "C2C08C24-FBAC-49B8-AABF-4FF8BADA3412", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:*", matchCriteriaId: "2B9D5E67-78C9-495E-91F0-AF94871E5FA2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:*", matchCriteriaId: "6D35CDFE-F0E7-43F7-A307-E3BDDE5AEAD5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:*", matchCriteriaId: "ADC13026-3B5A-4BF0-BDEC-B77338E427E8", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:*", matchCriteriaId: "6CBA70BA-FFCD-4D2D-AD26-95CC62748937", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:*", matchCriteriaId: "4C92DD8B-8AB8-40D4-8E86-12FEB055D37A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:*", matchCriteriaId: "C58D77F5-CDB2-47DA-A879-BABEBE2E1E04", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:*", matchCriteriaId: "D0C324FB-3989-4A4A-BF5B-C40CA698DDB7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:*", matchCriteriaId: "0E7AC58E-D1F8-4FDF-9A28-61CF6158330A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:*", matchCriteriaId: "489EE0F6-5510-470E-8711-DC08B4AFB4F7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:*", matchCriteriaId: "6719ED6F-CBC3-4B1E-9343-23DC3BA15FDA", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:*", matchCriteriaId: "DDAA48A9-9319-4104-B151-D529E5EBF0F7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:*", matchCriteriaId: "D16CD918-5075-4975-8B1E-21D8AD35A28E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:*", matchCriteriaId: "7A38CD8E-494D-4E0E-A300-8550FC81FAE4", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:*", matchCriteriaId: "1F40ABE8-8DED-4633-A34C-00DF5D510E71", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:*", matchCriteriaId: "1736B975-089B-413C-8CA0-5524B957EF9A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:*", matchCriteriaId: "0E4DCBF6-7189-497A-B923-08574443172C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:*", matchCriteriaId: "16FBA646-0B5E-44A7-BB12-29D5C611AEC5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:*", matchCriteriaId: "29F57497-7B48-4D0C-B8F5-8D33062BECEE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:*", matchCriteriaId: "ADDE96C7-C489-4D14-990B-8524627A23D2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:*", matchCriteriaId: "AD82C093-FD98-45DE-9EE6-A05E81A1FEC6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:*", matchCriteriaId: "08789F9E-CDC7-4F89-B925-92C9E3AE5234", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:*", matchCriteriaId: "26ABB84C-B4BF-424E-8F4C-D2B6BE0AC79E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:*", matchCriteriaId: "621C203B-4B66-49CC-A35D-D7703109BF14", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:*", matchCriteriaId: "3261BDEF-D89C-41D9-A360-EC36EAB17490", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:*", matchCriteriaId: "5170A4F6-02B7-4225-B944-73DB5A4D332C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:*", matchCriteriaId: "62A97DBA-A56B-4F0B-B9C4-44B5166681AF", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:*", matchCriteriaId: "806C8BE6-A2BE-45BE-BEF2-396BEB16FCC3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:*", matchCriteriaId: "DBA6211E-134A-484E-8444-FBB5070B395D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:*", matchCriteriaId: "3E7B05B3-4076-4A44-B9A6-A44419F175C2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:*", matchCriteriaId: "1A1636B4-6E79-42D7-AA62-5EE43412B43A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:*", matchCriteriaId: "0F0377D0-BBED-41BF-80C5-58414ED413EE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:*", matchCriteriaId: "6495283C-D18A-4DDA-852E-46F2273D6DAC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:*", matchCriteriaId: "09DEFEE5-5E9E-4F3A-A245-3E8E2B291339", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:*", matchCriteriaId: "4B5A97A3-65DB-4697-9CF1-B4F5E4E4132F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:*", matchCriteriaId: "17A84E0A-1429-467F-9EE1-FCA062392DC2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:*", matchCriteriaId: "C591163D-64BC-403B-A460-5B2258EC2F8A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:*", matchCriteriaId: "ED932B89-D34D-4398-8F79-AF98987CAFD0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:*", matchCriteriaId: "ABD365A0-0B09-4EC2-9973-691144C99507", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:*", matchCriteriaId: "FBE64DC7-A9D1-416F-89BF-D9F8DD8174AA", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:*", matchCriteriaId: "0E198AE4-A6A3-4875-A7DA-44BE9E1B280F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:*", matchCriteriaId: "2FDD5BA0-8180-484D-8308-B0862B6E9DC3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:*", matchCriteriaId: "96A6EB9A-A908-42D1-A6BC-E38E861BBECE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:*", matchCriteriaId: "651EDCAA-D785-464D-AE41-425A69F6FFB7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:*", matchCriteriaId: "1B3C704C-9D60-4F72-B482-07F209985E68", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:*", matchCriteriaId: "C1CFE956-4391-4B71-BD0B-96A008A624B7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:*", matchCriteriaId: "409778CD-9AB3-4793-A5F5-8D8657F81442", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:*", matchCriteriaId: "F7EA75DB-B6BE-4E75-89B6-C69E96CBD7BF", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:*", matchCriteriaId: "0DC45A8B-6DE0-465F-9644-B75A09394F25", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:*", matchCriteriaId: "7A265671-BCB0-401A-A1E8-500F9D41492E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:*", matchCriteriaId: "83168067-1E43-4186-9B15-3FC702C6583C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:*", matchCriteriaId: "8C122DB4-8410-4C4E-87BE-EB3175CE182B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:*", matchCriteriaId: "C76ED78D-0778-4269-938E-BB7586C1E44E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:*", matchCriteriaId: "7A1F78C5-E995-4E37-83C5-5B6A1D39E549", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:*", matchCriteriaId: "7A2E842D-AF37-4641-AD05-B91F250E7487", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:*", matchCriteriaId: "A07EAC87-32FD-4553-B71D-181F2C66AE68", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:*", matchCriteriaId: "AD6F0D62-4C51-46D6-A6C4-E479BE6B2C91", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:*", matchCriteriaId: "865D3042-68ED-44B9-A036-9433F7463D6F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:*", matchCriteriaId: "FC4FEF78-D2DA-4CCE-BB81-7E2090ED545C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:*", matchCriteriaId: "11AE3F61-9655-4B20-96E1-92112BE2BEDC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:*", matchCriteriaId: "ECE35166-3019-450B-9C69-484E4EDE5A6D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:*", matchCriteriaId: "D892B066-381B-4F46-8363-7BA1647BBCD8", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:*", matchCriteriaId: "710DB381-5504-4493-8D0A-17AB8E5A903B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:*", matchCriteriaId: "42AAA3B7-B74D-4B67-8BD3-1D9B5ED1E037", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:*", matchCriteriaId: "33CBCA55-010E-4E84-B2F8-F9B53D5A3340", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:*", matchCriteriaId: "95A73B4B-F9B3-4D66-9668-902902C73CB6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:*", matchCriteriaId: "8D14D51D-E2EA-4826-8C6E-AF1C15F12384", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:*", matchCriteriaId: "BED100A1-9D59-48BE-91D4-0C8F2D678E6E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:*", matchCriteriaId: "660B51F2-DFE0-49F6-AD2A-6E94B20F4019", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*", matchCriteriaId: "FBA15143-734D-4889-8B5A-2445A2DDDD4B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*", matchCriteriaId: "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*", matchCriteriaId: "0D2ED442-3F6D-472A-AA98-51D05A65B2E0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*", matchCriteriaId: "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", matchCriteriaId: "C05F1671-5010-4BB5-BFA7-217FBB946B59", versionEndExcluding: "8.5.6", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "AB3E0004-E6F1-4C0D-9B24-A7F1AF4BCBD8", versionEndExcluding: "8.5.6", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", matchCriteriaId: "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host.", }, { lang: "es", value: "ESXi versiones 6.5 sin el parche ESXi650-201703410-SG, 6.0 U3 sin el parche ESXi600-201703401-SG, 6.0 U2 sin el parche ESXi600-201703403-SG, 6.0 U1 sin el parche ESXi600-201703402-SG, y 5.5 sin el parche ESXi550-20-20170140; Workstation Pro / Player versión 12.x anterior de 12.5.5; y Fusion Pro / Fusion versiones 8.x anterior a 8.5.6 de VMware, presenta un uso de memoria de la pila no inicializada en SVGA. Este problema puede permitir a un invitado ejecutar código en el host.", }, ], id: "CVE-2017-4903", lastModified: "2024-11-21T03:26:38.223", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-06-07T18:29:00.350", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97160", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038148", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038149", }, { source: "security@vmware.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97160", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038148", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038149", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-06-07 18:29
Modified
2024-11-21 03:26
Severity ?
Summary
VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://www.securityfocus.com/bid/96772 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1037979 | ||
| security@vmware.com | http://www.vmware.com/security/advisories/VMSA-2017-0003.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96772 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037979 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2017-0003.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation_player | 12.0.0 | |
| vmware | workstation_player | 12.0.1 | |
| vmware | workstation_player | 12.1.0 | |
| vmware | workstation_player | 12.5.0 | |
| vmware | workstation_player | 12.5.1 | |
| vmware | workstation_player | 12.5.2 | |
| vmware | workstation_pro | 12.0.0 | |
| vmware | workstation_pro | 12.0.1 | |
| vmware | workstation_pro | 12.1.0 | |
| vmware | workstation_pro | 12.5.0 | |
| vmware | workstation_pro | 12.5.1 | |
| vmware | workstation_pro | 12.5.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8ABE47D4-506C-4132-829B-19A61ED35F4A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "67CDB0AC-25B6-4397-9784-386C81C37352", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C48608C8-B7A6-47DD-8C78-44EB2B0D6C0C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.0:*:*:*:*:*:*:*", matchCriteriaId: "8E1D4E53-DEB3-4143-B619-4431DB47341F", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.1:*:*:*:*:*:*:*", matchCriteriaId: "C83B3D50-43FF-4034-9C75-F44939D60378", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.2:*:*:*:*:*:*:*", matchCriteriaId: "A1613CB4-1088-40F1-A5E8-584284A980D0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E3E8337D-BC36-4910-A998-309D277D008C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0E91FE31-B442-4EE3-A415-D635A5CCA6C2", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C67B92FB-CE89-479D-97DF-237C77BF307B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8A83855-1411-4CA8-A005-5AA58D1CB32A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.1:*:*:*:*:*:*:*", matchCriteriaId: "3516D484-83AF-470E-9E9A-AFE3BBE4F75D", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.2:*:*:*:*:*:*:*", matchCriteriaId: "2F5A845C-E2CA-4C3A-8019-22C7DC2EA6DB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the \"vmware-vmx\" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed.", }, { lang: "es", value: "Workstation Pro/Player versiones 12.x anteriores a 12.5.3 de VMware, contiene una vulnerabilidad de carga de DLL que ocurre debido al proceso \"vmware-vmx\" que carga archivos DLL desde una ruta (path) definida en la variable de entorno local. La explotación con éxito de este problema puede permitir a los usuarios normales escalar privilegios al sistema en la máquina host donde está instalada Workstation de VMware.", }, ], id: "CVE-2017-4898", lastModified: "2024-11-21T03:26:37.573", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-06-07T18:29:00.210", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/96772", }, { source: "security@vmware.com", url: "http://www.securitytracker.com/id/1037979", }, { source: "security@vmware.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/96772", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1037979", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-12-29 09:59
Modified
2025-04-12 10:46
Severity ?
Summary
tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via a JPEG 2000 image.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation_player | 12.0.0 | |
| vmware | workstation_player | 12.0.1 | |
| vmware | workstation_player | 12.1.0 | |
| vmware | workstation_player | 12.1.1 | |
| vmware | workstation_pro | 12.0.0 | |
| vmware | workstation_pro | 12.0.1 | |
| vmware | workstation_pro | 12.1.0 | |
| vmware | workstation_pro | 12.1.1 | |
| microsoft | windows | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8ABE47D4-506C-4132-829B-19A61ED35F4A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "67CDB0AC-25B6-4397-9784-386C81C37352", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C48608C8-B7A6-47DD-8C78-44EB2B0D6C0C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1787E49C-19A5-428D-9BEA-5500B3DD60F8", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E3E8337D-BC36-4910-A998-309D277D008C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0E91FE31-B442-4EE3-A415-D635A5CCA6C2", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C67B92FB-CE89-479D-97DF-237C77BF307B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F44F5FBF-DD1D-41F8-A1EC-9720DBC89008", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via a JPEG 2000 image.", }, { lang: "es", value: "tpview.dll en VMware Workstation Pro 12.x en versiones anteriores a 12.5.0 y VMware Workstation Player 12.x en versiones anteriores a 12.5.0 en Windows, cuando la impresión virtual Cortado ThinPrint está habilitada, permite a usuarios invitados del SO ejecutar código arbitrario en el SO anfitrión o provocar una denegación de servicio (corrupción de memoria del SO anfitrión) a través de una imagen JPEG 2000.", }, ], id: "CVE-2016-7084", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.1, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-12-29T09:59:00.413", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92934", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1036805", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { source: "cve@mitre.org", url: "https://www.exploit-db.com/exploits/40399/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92934", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036805", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/40399/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-16 17:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMR STRETCHDIBITS parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | horizon_client | * | |
| vmware | workstation_player | * | |
| vmware | workstation_pro | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:horizon_client:*:*:*:*:*:windows:*:*", matchCriteriaId: "6601BC5A-C99B-4B9A-A112-C4382C04171C", versionEndExcluding: "5.4.4", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*", matchCriteriaId: "D5C1D4AB-9A63-4660-B07A-5A78B3D16962", versionEndExcluding: "16.0.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "14D38E88-C39B-4DB7-91E6-3EBE20ED27FC", versionEndExcluding: "16.0.0", versionStartIncluding: "15.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMR STRETCHDIBITS parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.", }, { lang: "es", value: "VMware Workstation (versión 15.x) y Horizon Client para Windows (versión 5.x anteriores a 5.4.4), contienen una vulnerabilidad de lectura fuera de límites en el componente Cortado ThinPrint (analizador EMR STRETCHDIBITS). Un actor malicioso con acceso normal a una máquina virtual puede explotar estos problemas para crear una condición de denegación de servicio parcial o para filtrar la memoria del proceso TPView que se ejecuta en el sistema donde está instalada Workstation o Horizon Client para Windows", }, ], id: "CVE-2020-3987", lastModified: "2024-11-21T05:32:07.023", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.6, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-16T17:15:13.957", references: [ { source: "security@vmware.com", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-12-29 09:59
Modified
2025-04-12 10:46
Severity ?
Summary
The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://www.securityfocus.com/bid/94280 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1037282 | ||
| security@vmware.com | http://www.vmware.com/security/advisories/VMSA-2016-0019.html | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94280 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037282 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2016-0019.html | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | fusion | 8.0.0 | |
| vmware | fusion | 8.0.1 | |
| vmware | fusion | 8.0.2 | |
| vmware | fusion | 8.1.0 | |
| vmware | fusion | 8.1.1 | |
| vmware | fusion | 8.5.0 | |
| vmware | fusion | 8.5.1 | |
| vmware | fusion_pro | 8.0.0 | |
| vmware | fusion_pro | 8.0.1 | |
| vmware | fusion_pro | 8.0.2 | |
| vmware | fusion_pro | 8.1.0 | |
| vmware | fusion_pro | 8.1.1 | |
| vmware | fusion_pro | 8.5.0 | |
| vmware | fusion_pro | 8.5.1 | |
| vmware | workstation_player | 12.0.0 | |
| vmware | workstation_player | 12.0.1 | |
| vmware | workstation_player | 12.1.0 | |
| vmware | workstation_player | 12.1.1 | |
| vmware | workstation_player | 12.5.0 | |
| vmware | workstation_player | 12.5.1 | |
| vmware | workstation_pro | 12.0.0 | |
| vmware | workstation_pro | 12.0.1 | |
| vmware | workstation_pro | 12.1.0 | |
| vmware | workstation_pro | 12.1.1 | |
| vmware | workstation_pro | 12.5.0 | |
| vmware | workstation_pro | 12.5.1 | |
| microsoft | windows | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:fusion:8.0.0:*:*:*:*:*:*:*", matchCriteriaId: "25BBD4C7-C851-4D40-B6DD-92873319CD28", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.0.1:*:*:*:*:*:*:*", matchCriteriaId: "20453B9E-D3AD-403F-B1A5-FB3300FBB0C0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.0.2:*:*:*:*:*:*:*", matchCriteriaId: "6759F732-8E65-49F7-B46C-B1E3F856B11D", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "DDD345B3-810C-41D1-82CE-0CA0B4B1F5DF", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.1.1:*:*:*:*:*:*:*", matchCriteriaId: "D91C182F-A8D2-4ABF-B202-261056EF93D1", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.5.0:*:*:*:*:*:*:*", matchCriteriaId: "768A4D3B-CC19-4A3A-91D5-9C974F7F0247", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.5.1:*:*:*:*:*:*:*", matchCriteriaId: "A0C5D443-A330-40DF-939B-10597147CE7A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion_pro:8.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C5E09EA3-24E4-43A2-8AE7-6844A6F8F73A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion_pro:8.0.1:*:*:*:*:*:*:*", matchCriteriaId: "F62099A3-2331-4F1E-A994-D3CCE2B7171C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion_pro:8.0.2:*:*:*:*:*:*:*", matchCriteriaId: "12BA4C61-5604-4354-BD84-CE275EFA8442", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion_pro:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "3C90A36A-1FA7-45BB-937E-F7A5FD0914A3", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion_pro:8.1.1:*:*:*:*:*:*:*", matchCriteriaId: "C384CC3F-EC56-4AA5-835B-ECCCDE2EC17E", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion_pro:8.5.0:*:*:*:*:*:*:*", matchCriteriaId: "20A7D995-BB46-4464-9E82-D836EDE72DCB", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion_pro:8.5.1:*:*:*:*:*:*:*", matchCriteriaId: "DEB7D35F-6BF1-4076-ABA3-B580CE69D922", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8ABE47D4-506C-4132-829B-19A61ED35F4A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "67CDB0AC-25B6-4397-9784-386C81C37352", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C48608C8-B7A6-47DD-8C78-44EB2B0D6C0C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1787E49C-19A5-428D-9BEA-5500B3DD60F8", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.0:*:*:*:*:*:*:*", matchCriteriaId: "8E1D4E53-DEB3-4143-B619-4431DB47341F", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.1:*:*:*:*:*:*:*", matchCriteriaId: "C83B3D50-43FF-4034-9C75-F44939D60378", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E3E8337D-BC36-4910-A998-309D277D008C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0E91FE31-B442-4EE3-A415-D635A5CCA6C2", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C67B92FB-CE89-479D-97DF-237C77BF307B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F44F5FBF-DD1D-41F8-A1EC-9720DBC89008", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8A83855-1411-4CA8-A005-5AA58D1CB32A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.1:*:*:*:*:*:*:*", matchCriteriaId: "3516D484-83AF-470E-9E9A-AFE3BBE4F75D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors.", }, { lang: "es", value: "La función de arrastrar y soltar (también conocida como DnD) en VMware Workstation Pro 12.x en versiones anteriores a 12.5.2 y VMware Workstation Player 12.x en versiones anteriores a 12.5.2 y VMware Fusion y Fusion Pro 8.x en versiones anteriores a 8.5.2 permite a usuarios invitados de SO ejecutar código arbitrario en el SO anfitrión o provocar una denegación de servicio (acceso a memoria fuera de límites en el SO anfitrión) a través de vectores no especificados.", }, ], id: "CVE-2016-7461", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-12-29T09:59:00.697", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94280", }, { source: "security@vmware.com", url: "http://www.securitytracker.com/id/1037282", }, { source: "security@vmware.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1037282", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0019.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-08-08 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*", matchCriteriaId: "2CB2D70B-0044-42DB-B823-CC7EF5D836E3", versionEndExcluding: "12.1.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "0F922894-BCAF-4807-8D2F-439578088E6B", versionEndExcluding: "12.1.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:*:*:*:*:*:*:*:*", matchCriteriaId: "B5D37AF0-1CE9-413B-B2CD-67ABA217185B", versionEndIncluding: "6.0", versionStartIncluding: "5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", matchCriteriaId: "B2197947-1CFC-4A5E-ACED-3EABD2BADB80", versionEndExcluding: "8.1.1", versionStartIncluding: "8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", matchCriteriaId: "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:tools:*:*:*:*:*:*:*:*", matchCriteriaId: "D2449175-330C-47FE-9AE6-BA7AD91D3DA0", versionEndIncluding: "10.3.22", versionStartIncluding: "9.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.", }, { lang: "es", value: "Vulnerabilidad de búsqueda de ruta no confiable en la característica HGFS (también conocido como Shared Folders) en VMware Tools 10.0.5 en VMware ESXi 5.0 hasta la versión 6.0, VMware Workstation Pro 12.1.x en versiones anteriores a 12.1.1, VMware Workstation Player 12.1.x en versiones anteriores a 12.1.1 y VMware Fusion 8.1.x en versiones anteriores a 8.1.1 permite a usuarios locales obtener privilegios a través de una libreria troyanizada o fichero DLL troyanizado en el directorio de trabajo actual", }, ], id: "CVE-2016-5330", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-08-08T01:59:16.463", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/539131/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92323", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036544", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036545", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036619", }, { source: "cve@mitre.org", tags: [ "Mitigation", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0010.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/539131/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92323", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036544", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036545", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036619", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-426", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-09-15 13:29
Modified
2024-11-21 03:26
Severity ?
Summary
VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", matchCriteriaId: "92BB0EFB-2FDE-4C23-81D6-A706C380F83C", versionEndExcluding: "8.5.8", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "F5298092-7D33-4BB6-954E-4DECA2C554EB", versionEndExcluding: "12.5.7", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*", matchCriteriaId: "FBA15143-734D-4889-8B5A-2445A2DDDD4B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*", matchCriteriaId: "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*", matchCriteriaId: "0D2ED442-3F6D-472A-AA98-51D05A65B2E0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*", matchCriteriaId: "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*", matchCriteriaId: "F948E806-0F73-4145-A723-7A43BA45842B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host.", }, { lang: "es", value: "VMware ESXi (ESXi 6.5 sin el parche ESXi650-201707101-SG), Workstation (en versiones 12.x anteriores a la 12.5.7) y Fusion (en versiones 8.x anteriores a la 8.5.8) contienen una vulnerabilidad de escritura fuera de límites en un dispositivo SVGA. Este problema podría permitir que un invitado ejecute código en el host.", }, ], id: "CVE-2017-4924", lastModified: "2024-11-21T03:26:40.700", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-09-15T13:29:00.197", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/100843", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039365", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039366", }, { source: "security@vmware.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://0patch.blogspot.com/2017/10/micropatching-hypervisor-with-running.html", }, { source: "security@vmware.com", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/100843", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039365", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039366", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://0patch.blogspot.com/2017/10/micropatching-hypervisor-with-running.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0015.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-06-07 18:29
Modified
2024-11-21 03:26
Severity ?
Summary
The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://www.securityfocus.com/bid/97165 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1038148 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1038149 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.vmware.com/security/advisories/VMSA-2017-0006.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97165 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038148 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038149 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2017-0006.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | fusion | * | |
| vmware | fusion_pro | * | |
| apple | mac_os_x | - | |
| vmware | workstation_player | * | |
| vmware | workstation_pro | * | |
| vmware | esxi | 5.5 | |
| vmware | esxi | 5.5 | |
| vmware | esxi | 5.5 | |
| vmware | esxi | 5.5 | |
| vmware | esxi | 5.5 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", matchCriteriaId: "C05F1671-5010-4BB5-BFA7-217FBB946B59", versionEndExcluding: "8.5.6", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "AB3E0004-E6F1-4C0D-9B24-A7F1AF4BCBD8", versionEndExcluding: "8.5.6", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", matchCriteriaId: "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*", matchCriteriaId: "5DB0B91B-F8F6-456F-8FBD-7B98A9ABA95A", versionEndExcluding: "12.5.5", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "17F1AB0A-CD31-4FE7-AE1F-4C6A111D1C62", versionEndExcluding: "12.5.5", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*", matchCriteriaId: "BB90FDCA-A848-4D4D-8A6F-FD04D702EC85", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:1:*:*:*:*:*:*", matchCriteriaId: "4DC223AC-EB3D-48CF-A6CC-D35E00A38394", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:2:*:*:*:*:*:*", matchCriteriaId: "75C8E87E-A869-49F8-89F9-DE64A45CDB35", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:3a:*:*:*:*:*:*", matchCriteriaId: "E7F8878C-F73D-4549-9607-74880176D2B0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5:3b:*:*:*:*:*:*", matchCriteriaId: "E47D369F-13B2-42B3-BB74-60AAD0954B26", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*", matchCriteriaId: "3E8861F4-D390-4738-BBF0-9EE4684E9667", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:1:*:*:*:*:*:*", matchCriteriaId: "52403C80-3022-4E5B-B16A-24B116D1E6B9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:1a:*:*:*:*:*:*", matchCriteriaId: "FBECED2E-05FD-492E-8B57-9BB8ADA82444", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:1b:*:*:*:*:*:*", matchCriteriaId: "3C3FBBA4-01FA-45B5-AEDF-FFFE941163FE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:2:*:*:*:*:*:*", matchCriteriaId: "A63E3C72-3145-4661-BBCD-8A67EC0CDDF3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:3:*:*:*:*:*:*", matchCriteriaId: "9159F6E1-6A36-4D3C-85B1-2205B90CD244", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:3a:*:*:*:*:*:*", matchCriteriaId: "C2C08C24-FBAC-49B8-AABF-4FF8BADA3412", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*", matchCriteriaId: "FBA15143-734D-4889-8B5A-2445A2DDDD4B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5.", }, { lang: "es", value: "El controlador XHCI en ESXi versiones 6.5 sin parche ESXi650-201703410-SG, 6.0 U3 sin parche ESXi600-201703401-SG, 6.0 U2 sin parche ESXi600-201703403-SG, 6.0 U1 sin parche ESXi600-201703402-SG, y 5.5 sin parche ESXi550 -201703401-SG; Workstation Pro / Player versiones 12.x anteriores a 12.5.5; y Fusion Pro / Fusion versiones 8.x anteriores a 8.5.6 de VMware, presenta un uso de memoria no inicializada. Este problema puede permitir a un invitado ejecutar código en el host. El problema es reducido a una Denegación de Servicio del invitado en ESXi versión 5.5.", }, ], id: "CVE-2017-4904", lastModified: "2024-11-21T03:26:38.363", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-06-07T18:29:00.397", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97165", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038148", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038149", }, { source: "security@vmware.com", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97165", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038148", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038149", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-12-29 09:59
Modified
2025-04-12 10:46
Severity ?
Summary
The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation_player | 12.0.0 | |
| vmware | workstation_player | 12.0.1 | |
| vmware | workstation_player | 12.1.0 | |
| vmware | workstation_player | 12.1.1 | |
| vmware | workstation_pro | 12.0.0 | |
| vmware | workstation_pro | 12.0.1 | |
| vmware | workstation_pro | 12.1.0 | |
| vmware | workstation_pro | 12.1.1 | |
| microsoft | windows | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8ABE47D4-506C-4132-829B-19A61ED35F4A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "67CDB0AC-25B6-4397-9784-386C81C37352", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C48608C8-B7A6-47DD-8C78-44EB2B0D6C0C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1787E49C-19A5-428D-9BEA-5500B3DD60F8", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E3E8337D-BC36-4910-A998-309D277D008C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0E91FE31-B442-4EE3-A415-D635A5CCA6C2", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C67B92FB-CE89-479D-97DF-237C77BF307B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F44F5FBF-DD1D-41F8-A1EC-9720DBC89008", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory.", }, { lang: "es", value: "El instalador en VMware Workstation Pro 12.x en versiones anteriores a 12.5.0 y VMware Workstation Player 12.x en versiones anteriores a 12.5.0 en Windows permite a usuarios locales obtener privilegios a través de un archivo Troyano setup64.exe en el directorio de instalación.", }, ], id: "CVE-2016-7086", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-12-29T09:59:00.477", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92941", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1036805", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92941", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036805", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-05-22 14:29
Modified
2024-11-21 03:26
Severity ?
Summary
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation_player | 12.0.0 | |
| vmware | workstation_pro | 12.0.0 | |
| linux | linux_kernel | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8ABE47D4-506C-4132-829B-19A61ED35F4A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E3E8337D-BC36-4910-A998-309D277D008C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine.", }, { lang: "es", value: "Workstation Pro/Player de VMware, contiene una vulnerabilidad de carga de biblioteca no segura por medio de los archivos de configuración del controlador de sonido ALSA. La explotación con éxito de este problema puede permitir a los usuarios del host sin privilegios escalar sus privilegios a root en una máquina host de Linux.", }, ], id: "CVE-2017-4915", lastModified: "2024-11-21T03:26:39.610", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-05-22T14:29:00.183", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98566", }, { source: "security@vmware.com", url: "http://www.securitytracker.com/id/1038525", }, { source: "security@vmware.com", url: "https://www.exploit-db.com/exploits/42045/", }, { source: "security@vmware.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98566", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1038525", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/42045/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0009.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-03-15 19:29
Modified
2024-11-21 04:11
Severity ?
Summary
VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://www.securityfocus.com/bid/103431 | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://www.securitytracker.com/id/1040539 | Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2018-0008.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103431 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040539 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2018-0008.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "01DDAE03-7486-4F2E-99CD-CD400CB0F72F", versionEndExcluding: "14.1.1", versionStartIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.0:*:*:*:*:*:*:*", matchCriteriaId: "14CAB08C-37EE-40F9-B4C7-9DD5FD6DFDFB", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1:*:*:*:*:*:*:*", matchCriteriaId: "00F69EAD-F5CD-43C9-921A-7AD78C362EDC", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.01:*:*:*:*:*:*:*", matchCriteriaId: "EA738637-C31F-487F-B2E5-2B03AE9BE89D", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F44F5FBF-DD1D-41F8-A1EC-9720DBC89008", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5:*:*:*:*:*:*:*", matchCriteriaId: "9BDBF213-94A3-4C13-B17F-3903B6C6D7DF", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.1:*:*:*:*:*:*:*", matchCriteriaId: "3516D484-83AF-470E-9E9A-AFE3BBE4F75D", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.2:*:*:*:*:*:*:*", matchCriteriaId: "2F5A845C-E2CA-4C3A-8019-22C7DC2EA6DB", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.3:*:*:*:*:*:*:*", matchCriteriaId: "8BB1B255-E6CD-439D-A871-81D8D1A1757E", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.4:*:*:*:*:*:*:*", matchCriteriaId: "8000ABCB-2017-41AB-9C94-BF183A840F0C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.5:*:*:*:*:*:*:*", matchCriteriaId: "B53C77FA-7370-4773-9BFE-439514EE5A50", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.6:*:*:*:*:*:*:*", matchCriteriaId: "A905AAA0-B3CE-47B4-A3C4-13DAC53B8DDE", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_pro:12.5.7:*:*:*:*:*:*:*", matchCriteriaId: "044BF7CD-E0C7-4FFA-B5BB-0907CD65E353", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*", matchCriteriaId: "119D5B47-E905-4AE2-B423-4096142E2DCF", versionEndExcluding: "14.1.1", versionStartIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.0:*:*:*:*:*:*:*", matchCriteriaId: "C6BFE98E-486A-4ABC-B5A3-264459900387", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*", matchCriteriaId: "67CDB0AC-25B6-4397-9784-386C81C37352", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1:*:*:*:*:*:*:*", matchCriteriaId: "FD0DB274-B645-445C-9558-4F42FEAACF0F", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1787E49C-19A5-428D-9BEA-5500B3DD60F8", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5:*:*:*:*:*:*:*", matchCriteriaId: "BCB2C59D-2F2E-4D2D-B552-8425FB795687", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.1:*:*:*:*:*:*:*", matchCriteriaId: "C83B3D50-43FF-4034-9C75-F44939D60378", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.2:*:*:*:*:*:*:*", matchCriteriaId: "A1613CB4-1088-40F1-A5E8-584284A980D0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.3:*:*:*:*:*:*:*", matchCriteriaId: "4668751B-92FD-46ED-A19D-7853F30FC5A2", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.4:*:*:*:*:*:*:*", matchCriteriaId: "B166B022-46C1-4C4A-8428-7489F1D34A82", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.5:*:*:*:*:*:*:*", matchCriteriaId: "E46DF6A3-E8DE-4EDF-872E-2BD44235C91C", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.6:*:*:*:*:*:*:*", matchCriteriaId: "07F861F9-E59D-4A25-8AC2-8C8C9FE11FB8", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation_player:12.5.7:*:*:*:*:*:*:*", matchCriteriaId: "7358D7A7-72E2-4A77-B15A-CB80D8DE945D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:fusion:8.0:*:*:*:*:*:*:*", matchCriteriaId: "61B23099-25EB-44B6-A62B-2E46CD151994", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.0.1:*:*:*:*:*:*:*", matchCriteriaId: "20453B9E-D3AD-403F-B1A5-FB3300FBB0C0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.0.2:*:*:*:*:*:*:*", matchCriteriaId: "6759F732-8E65-49F7-B46C-B1E3F856B11D", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.1:*:*:*:*:*:*:*", matchCriteriaId: "A55F26BA-4AFA-419A-BB0E-5C369F58F126", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.1.1:*:*:*:*:*:*:*", matchCriteriaId: "D91C182F-A8D2-4ABF-B202-261056EF93D1", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.5:*:*:*:*:*:*:*", matchCriteriaId: "B34B944F-073D-4B52-8B92-0620603885DC", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.5.1:*:*:*:*:*:*:*", matchCriteriaId: "A0C5D443-A330-40DF-939B-10597147CE7A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.5.2:*:*:*:*:*:*:*", matchCriteriaId: "42BF8A2A-295D-44D6-A38E-D4C35437F380", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.5.3:*:*:*:*:*:*:*", matchCriteriaId: "DC08D3D5-5D46-45C7-BD43-81E1D18FAB31", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.5.4:*:*:*:*:*:*:*", matchCriteriaId: "574DB25B-51E1-466A-8089-5108DB5D6FBD", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.5.5:*:*:*:*:*:*:*", matchCriteriaId: "0BF7F09F-D8B3-40AF-9111-E7C14832C5A0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.5.6:*:*:*:*:*:*:*", matchCriteriaId: "555DD10F-7EA8-4107-A31F-2C7CED41058D", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.5.7:*:*:*:*:*:*:*", matchCriteriaId: "7EE4888B-156C-48BC-8035-3A0424CB6037", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:fusion:8.5.8:*:*:*:*:*:*:*", matchCriteriaId: "6D4DA202-3D18-4DDC-89E4-81FFF68EDFD0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", matchCriteriaId: "F7419FA0-119C-4C1C-A071-90A9F8ECDB32", versionEndExcluding: "10.1.1", versionStartIncluding: "10.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled.", }, { lang: "es", value: "VMware Workstation (versiones 14.x anteriores a la 14.1.1 y 12.x) y Fusion (10.x anteriores a la 10.1.1 y 8.x) contiene una vulnerabilidad de denegación de servicio (DoS) que se puede desencadenar al abrir un número excesivo de sesiones VNC. Nota: Para que su explotación sea posible en Workstation y Fusion, se debe habilitar VNC manualmente.", }, ], id: "CVE-2018-6957", lastModified: "2024-11-21T04:11:28.850", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-03-15T19:29:01.343", references: [ { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103431", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040539", }, { source: "security@vmware.com", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2018-0008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040539", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.vmware.com/security/advisories/VMSA-2018-0008.html", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-772", }, { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2016-5330
Vulnerability from cvelistv5
Published
2016-08-08 01:00
Modified
2024-08-06 01:00
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036544 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036619 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/92323 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2016-0010.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/539131/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id/1036545 | vdb-entry, x_refsource_SECTRACK | |
| https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html | x_refsource_MISC | |
| http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:00:58.026Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1036544", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036544", }, { name: "1036619", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036619", }, { name: "92323", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92323", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0010.html", }, { name: "20160805 DLL side loading vulnerability in VMware Host Guest Client Redirector", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/539131/100/0/threaded", }, { name: "1036545", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036545", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-08-04T00:00:00", descriptions: [ { lang: "en", value: "Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1036544", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036544", }, { name: "1036619", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036619", }, { name: "92323", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92323", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0010.html", }, { name: "20160805 DLL side loading vulnerability in VMware Host Guest Client Redirector", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/539131/100/0/threaded", }, { name: "1036545", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036545", }, { tags: [ "x_refsource_MISC", ], url: "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html", }, { tags: [ "x_refsource_MISC", ], url: "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-5330", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1036544", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036544", }, { name: "1036619", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036619", }, { name: "92323", refsource: "BID", url: "http://www.securityfocus.com/bid/92323", }, { name: "http://www.vmware.com/security/advisories/VMSA-2016-0010.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2016-0010.html", }, { name: "20160805 DLL side loading vulnerability in VMware Host Guest Client Redirector", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/539131/100/0/threaded", }, { name: "1036545", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036545", }, { name: "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html", refsource: "MISC", url: "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html", }, { name: "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload", refsource: "MISC", url: "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-5330", datePublished: "2016-08-08T01:00:00", dateReserved: "2016-06-07T00:00:00", dateUpdated: "2024-08-06T01:00:58.026Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-7082
Vulnerability from cvelistv5
Published
2016-12-29 09:02
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via an EMF file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2016-0014.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1036805 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/92934 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:50:47.309Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036805", }, { name: "92934", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92934", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-09-13T00:00:00", descriptions: [ { lang: "en", value: "VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via an EMF file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-29T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036805", }, { name: "92934", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92934", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7082", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via an EMF file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036805", }, { name: "92934", refsource: "BID", url: "http://www.securityfocus.com/bid/92934", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7082", datePublished: "2016-12-29T09:02:00", dateReserved: "2016-08-23T00:00:00", dateUpdated: "2024-08-06T01:50:47.309Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-7083
Vulnerability from cvelistv5
Published
2016-12-29 09:02
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via TrueType fonts embedded in EMFSPOOL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2016-0014.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1036805 | vdb-entry, x_refsource_SECTRACK | |
| https://www.exploit-db.com/exploits/40398/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/bid/92934 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:50:46.750Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036805", }, { name: "40398", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/40398/", }, { name: "92934", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92934", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-09-13T00:00:00", descriptions: [ { lang: "en", value: "VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via TrueType fonts embedded in EMFSPOOL.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-02T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036805", }, { name: "40398", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/40398/", }, { name: "92934", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92934", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7083", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via TrueType fonts embedded in EMFSPOOL.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036805", }, { name: "40398", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/40398/", }, { name: "92934", refsource: "BID", url: "http://www.securityfocus.com/bid/92934", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7083", datePublished: "2016-12-29T09:02:00", dateReserved: "2016-08-23T00:00:00", dateUpdated: "2024-08-06T01:50:46.750Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3990
Vulnerability from cvelistv5
Published
2020-09-16 16:17
Modified
2024-08-04 07:52
Severity ?
EPSS score ?
Summary
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.vmware.com/security/advisories/VMSA-2020-0020.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workstation and Horizon Client for Windows |
Version: VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:52:20.351Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "VMware Workstation and Horizon Client for Windows", vendor: "n/a", versions: [ { status: "affected", version: "VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4)", }, ], }, ], descriptions: [ { lang: "en", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.", }, ], problemTypes: [ { descriptions: [ { description: "Information disclosure vulnerability via Cortado ThinPrint", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-16T16:17:17", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2020-3990", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "VMware Workstation and Horizon Client for Windows", version: { version_data: [ { version_value: "VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information disclosure vulnerability via Cortado ThinPrint", }, ], }, ], }, references: { reference_data: [ { name: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", refsource: "MISC", url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2020-3990", datePublished: "2020-09-16T16:17:17", dateReserved: "2019-12-30T00:00:00", dateUpdated: "2024-08-04T07:52:20.351Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-6957
Vulnerability from cvelistv5
Published
2018-03-15 19:00
Modified
2024-09-16 23:06
Severity ?
EPSS score ?
Summary
VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/103431 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1040539 | vdb-entry, x_refsource_SECTRACK | |
| https://www.vmware.com/security/advisories/VMSA-2018-0008.html | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | VMware | Workstation |
Version: 14.x before 14.1.1 Version: 12.x |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T06:17:17.299Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "103431", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/103431", }, { name: "1040539", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040539", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.vmware.com/security/advisories/VMSA-2018-0008.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Workstation", vendor: "VMware", versions: [ { status: "affected", version: "14.x before 14.1.1", }, { status: "affected", version: "12.x", }, ], }, { product: "Fusion", vendor: "VMware", versions: [ { status: "affected", version: "10.x before 10.1.1", }, { status: "affected", version: "8.x", }, ], }, ], datePublic: "2018-03-15T00:00:00", descriptions: [ { lang: "en", value: "VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled.", }, ], problemTypes: [ { descriptions: [ { description: "Denial-of-service vulnerability", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-03-20T09:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { name: "103431", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/103431", }, { name: "1040539", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040539", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.vmware.com/security/advisories/VMSA-2018-0008.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", DATE_PUBLIC: "2018-03-15T00:00:00", ID: "CVE-2018-6957", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Workstation", version: { version_data: [ { version_value: "14.x before 14.1.1", }, { version_value: "12.x", }, ], }, }, { product_name: "Fusion", version: { version_data: [ { version_value: "10.x before 10.1.1", }, { version_value: "8.x", }, ], }, }, ], }, vendor_name: "VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial-of-service vulnerability", }, ], }, ], }, references: { reference_data: [ { name: "103431", refsource: "BID", url: "http://www.securityfocus.com/bid/103431", }, { name: "1040539", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040539", }, { name: "https://www.vmware.com/security/advisories/VMSA-2018-0008.html", refsource: "CONFIRM", url: "https://www.vmware.com/security/advisories/VMSA-2018-0008.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2018-6957", datePublished: "2018-03-15T19:00:00Z", dateReserved: "2018-02-14T00:00:00", dateUpdated: "2024-09-16T23:06:38.093Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-4902
Vulnerability from cvelistv5
Published
2017-06-07 18:00
Modified
2024-08-05 14:39
Severity ?
EPSS score ?
Summary
VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2017-0006.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1038148 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/97163 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1038149 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | VMware | ESXi |
Version: 6.5 without patch ESXi650-201703410-SG Version: 5.5 without patch ESXi550-201703401-SG |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:39:41.428Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { name: "1038148", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038148", }, { name: "97163", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/97163", }, { name: "1038149", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038149", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ESXi", vendor: "VMware", versions: [ { status: "affected", version: "6.5 without patch ESXi650-201703410-SG", }, { status: "affected", version: "5.5 without patch ESXi550-201703401-SG", }, ], }, { product: "Workstation Pro / Player", vendor: "VMware", versions: [ { status: "affected", version: "12.x prior to 12.5.5", }, ], }, { product: "Fusion Pro / Fusion", vendor: "VMware", versions: [ { status: "affected", version: "8.x prior to 8.5.6", }, ], }, ], datePublic: "2017-03-28T00:00:00", descriptions: [ { lang: "en", value: "VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host.", }, ], problemTypes: [ { descriptions: [ { description: "Heap Buffer Overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-11T09:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { name: "1038148", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038148", }, { name: "97163", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/97163", }, { name: "1038149", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038149", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2017-4902", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ESXi", version: { version_data: [ { version_value: "6.5 without patch ESXi650-201703410-SG", }, { version_value: "5.5 without patch ESXi550-201703401-SG", }, ], }, }, { product_name: "Workstation Pro / Player", version: { version_data: [ { version_value: "12.x prior to 12.5.5", }, ], }, }, { product_name: "Fusion Pro / Fusion", version: { version_data: [ { version_value: "8.x prior to 8.5.6", }, ], }, }, ], }, vendor_name: "VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Heap Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { name: "1038148", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1038148", }, { name: "97163", refsource: "BID", url: "http://www.securityfocus.com/bid/97163", }, { name: "1038149", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1038149", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2017-4902", datePublished: "2017-06-07T18:00:00", dateReserved: "2016-12-26T00:00:00", dateUpdated: "2024-08-05T14:39:41.428Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-4903
Vulnerability from cvelistv5
Published
2017-06-07 18:00
Modified
2024-08-05 14:39
Severity ?
EPSS score ?
Summary
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/97160 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2017-0006.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1038148 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1038149 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | VMware | ESXi |
Version: 6.5 without patch ESXi650-201703410-SG Version: 6.0 U3 without patch ESXi600-201703401-SG Version: 6.0 U2 without patch ESXi600-201703403-SG Version: 6.0 U1 without patch ESXi600-201703402-SG Version: 5.5 without patch ESXi550-201703401-SG |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:39:41.551Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "97160", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/97160", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { name: "1038148", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038148", }, { name: "1038149", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038149", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ESXi", vendor: "VMware", versions: [ { status: "affected", version: "6.5 without patch ESXi650-201703410-SG", }, { status: "affected", version: "6.0 U3 without patch ESXi600-201703401-SG", }, { status: "affected", version: "6.0 U2 without patch ESXi600-201703403-SG", }, { status: "affected", version: "6.0 U1 without patch ESXi600-201703402-SG", }, { status: "affected", version: "5.5 without patch ESXi550-201703401-SG", }, ], }, { product: "Workstation Pro / Player", vendor: "VMware", versions: [ { status: "affected", version: "12.x prior to 12.5.5", }, ], }, { product: "Fusion Pro / Fusion", vendor: "VMware", versions: [ { status: "affected", version: "8.x prior to 8.5.6", }, ], }, ], datePublic: "2017-03-28T00:00:00", descriptions: [ { lang: "en", value: "VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host.", }, ], problemTypes: [ { descriptions: [ { description: "Uninitialized Stack Memory Usage", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-11T09:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { name: "97160", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/97160", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { name: "1038148", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038148", }, { name: "1038149", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038149", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2017-4903", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ESXi", version: { version_data: [ { version_value: "6.5 without patch ESXi650-201703410-SG", }, { version_value: "6.0 U3 without patch ESXi600-201703401-SG", }, { version_value: "6.0 U2 without patch ESXi600-201703403-SG", }, { version_value: "6.0 U1 without patch ESXi600-201703402-SG", }, { version_value: "5.5 without patch ESXi550-201703401-SG", }, ], }, }, { product_name: "Workstation Pro / Player", version: { version_data: [ { version_value: "12.x prior to 12.5.5", }, ], }, }, { product_name: "Fusion Pro / Fusion", version: { version_data: [ { version_value: "8.x prior to 8.5.6", }, ], }, }, ], }, vendor_name: "VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Uninitialized Stack Memory Usage", }, ], }, ], }, references: { reference_data: [ { name: "97160", refsource: "BID", url: "http://www.securityfocus.com/bid/97160", }, { name: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { name: "1038148", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1038148", }, { name: "1038149", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1038149", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2017-4903", datePublished: "2017-06-07T18:00:00", dateReserved: "2016-12-26T00:00:00", dateUpdated: "2024-08-05T14:39:41.551Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-4916
Vulnerability from cvelistv5
Published
2017-05-22 14:00
Modified
2024-08-05 14:47
Severity ?
EPSS score ?
Summary
VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation of this issue may allow host users with normal user privileges to trigger a denial-of-service in a Windows host machine.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1038526 | vdb-entry, x_refsource_SECTRACK | |
| https://www.vmware.com/security/advisories/VMSA-2017-0009.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/98560 | vdb-entry, x_refsource_BID | |
| https://www.exploit-db.com/exploits/42140/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Workstation Pro/Player |
Version: All 12.x versions prior to version 12.5.6 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:47:42.914Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1038526", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038526", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0009.html", }, { name: "98560", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/98560", }, { name: "42140", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/42140/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Workstation Pro/Player", vendor: "VMware", versions: [ { status: "affected", version: "All 12.x versions prior to version 12.5.6", }, ], }, ], datePublic: "2017-05-18T00:00:00", descriptions: [ { lang: "en", value: "VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation of this issue may allow host users with normal user privileges to trigger a denial-of-service in a Windows host machine.", }, ], problemTypes: [ { descriptions: [ { description: "NULL pointer dereference", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-12T09:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { name: "1038526", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038526", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0009.html", }, { name: "98560", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/98560", }, { name: "42140", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/42140/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2017-4916", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Workstation Pro/Player", version: { version_data: [ { version_value: "All 12.x versions prior to version 12.5.6", }, ], }, }, ], }, vendor_name: "VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation of this issue may allow host users with normal user privileges to trigger a denial-of-service in a Windows host machine.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "NULL pointer dereference", }, ], }, ], }, references: { reference_data: [ { name: "1038526", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1038526", }, { name: "https://www.vmware.com/security/advisories/VMSA-2017-0009.html", refsource: "CONFIRM", url: "https://www.vmware.com/security/advisories/VMSA-2017-0009.html", }, { name: "98560", refsource: "BID", url: "http://www.securityfocus.com/bid/98560", }, { name: "42140", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/42140/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2017-4916", datePublished: "2017-05-22T14:00:00", dateReserved: "2016-12-26T00:00:00", dateUpdated: "2024-08-05T14:47:42.914Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-7081
Vulnerability from cvelistv5
Published
2016-12-29 09:02
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2016-0014.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1036805 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/92935 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:50:47.436Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036805", }, { name: "92935", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92935", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-09-13T00:00:00", descriptions: [ { lang: "en", value: "Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-29T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036805", }, { name: "92935", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92935", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7081", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036805", }, { name: "92935", refsource: "BID", url: "http://www.securityfocus.com/bid/92935", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7081", datePublished: "2016-12-29T09:02:00", dateReserved: "2016-08-23T00:00:00", dateUpdated: "2024-08-06T01:50:47.436Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-4905
Vulnerability from cvelistv5
Published
2017-06-07 18:00
Modified
2024-08-05 14:39
Severity ?
EPSS score ?
Summary
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. This issue may lead to an information leak.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/97164 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2017-0006.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1038148 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1038149 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | VMware | ESXi |
Version: 6.5 without patch ESXi650-201703410-SG Version: 6.0 U3 without patch ESXi600-201703401-SG Version: 6.0 U2 without patch ESXi600-201703403-SG Version: 6.0 U1 without patch ESXi600-201703402-SG Version: 5.5 without patch ESXi550-201703401-SG |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:39:41.549Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "97164", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/97164", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { name: "1038148", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038148", }, { name: "1038149", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038149", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ESXi", vendor: "VMware", versions: [ { status: "affected", version: "6.5 without patch ESXi650-201703410-SG", }, { status: "affected", version: "6.0 U3 without patch ESXi600-201703401-SG", }, { status: "affected", version: "6.0 U2 without patch ESXi600-201703403-SG", }, { status: "affected", version: "6.0 U1 without patch ESXi600-201703402-SG", }, { status: "affected", version: "5.5 without patch ESXi550-201703401-SG", }, ], }, { product: "Workstation Pro / Player", vendor: "VMware", versions: [ { status: "affected", version: "12.x prior to 12.5.5", }, ], }, { product: "Fusion Pro / Fusion", vendor: "VMware", versions: [ { status: "affected", version: "8.x prior to 8.5.6", }, ], }, ], datePublic: "2017-03-28T00:00:00", descriptions: [ { lang: "en", value: "VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. This issue may lead to an information leak.", }, ], problemTypes: [ { descriptions: [ { description: "Information leak", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-11T09:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { name: "97164", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/97164", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { name: "1038148", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038148", }, { name: "1038149", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038149", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2017-4905", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ESXi", version: { version_data: [ { version_value: "6.5 without patch ESXi650-201703410-SG", }, { version_value: "6.0 U3 without patch ESXi600-201703401-SG", }, { version_value: "6.0 U2 without patch ESXi600-201703403-SG", }, { version_value: "6.0 U1 without patch ESXi600-201703402-SG", }, { version_value: "5.5 without patch ESXi550-201703401-SG", }, ], }, }, { product_name: "Workstation Pro / Player", version: { version_data: [ { version_value: "12.x prior to 12.5.5", }, ], }, }, { product_name: "Fusion Pro / Fusion", version: { version_data: [ { version_value: "8.x prior to 8.5.6", }, ], }, }, ], }, vendor_name: "VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. This issue may lead to an information leak.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information leak", }, ], }, ], }, references: { reference_data: [ { name: "97164", refsource: "BID", url: "http://www.securityfocus.com/bid/97164", }, { name: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { name: "1038148", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1038148", }, { name: "1038149", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1038149", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2017-4905", datePublished: "2017-06-07T18:00:00", dateReserved: "2016-12-26T00:00:00", dateUpdated: "2024-08-05T14:39:41.549Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-4933
Vulnerability from cvelistv5
Published
2017-12-20 15:00
Modified
2024-09-16 23:51
Severity ?
EPSS score ?
Summary
VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.vmware.com/security/advisories/VMSA-2017-0021.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1040025 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1040024 | vdb-entry, x_refsource_SECTRACK |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:47:43.676Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0021.html", }, { name: "1040025", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040025", }, { name: "1040024", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ESXi", vendor: "VMware", versions: [ { status: "affected", version: "6.5 before ESXi650-201710401-BG", }, ], }, { product: "Workstation", vendor: "VMware", versions: [ { status: "affected", version: "12.x before 12.5.8", }, ], }, { product: "Fusion", vendor: "VMware", versions: [ { status: "affected", version: "8.x before 8.5.9", }, ], }, ], datePublic: "2017-12-19T00:00:00", descriptions: [ { lang: "en", value: "VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.", }, ], problemTypes: [ { descriptions: [ { description: "Heap overflow via authenticated VNC session", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-21T10:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0021.html", }, { name: "1040025", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040025", }, { name: "1040024", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040024", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", DATE_PUBLIC: "2017-12-19T00:00:00", ID: "CVE-2017-4933", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ESXi", version: { version_data: [ { version_value: "6.5 before ESXi650-201710401-BG", }, ], }, }, { product_name: "Workstation", version: { version_data: [ { version_value: "12.x before 12.5.8", }, ], }, }, { product_name: "Fusion", version: { version_data: [ { version_value: "8.x before 8.5.9", }, ], }, }, ], }, vendor_name: "VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Heap overflow via authenticated VNC session", }, ], }, ], }, references: { reference_data: [ { name: "https://www.vmware.com/security/advisories/VMSA-2017-0021.html", refsource: "CONFIRM", url: "https://www.vmware.com/security/advisories/VMSA-2017-0021.html", }, { name: "1040025", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040025", }, { name: "1040024", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040024", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2017-4933", datePublished: "2017-12-20T15:00:00Z", dateReserved: "2016-12-26T00:00:00", dateUpdated: "2024-09-16T23:51:11.761Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-4925
Vulnerability from cvelistv5
Published
2017-09-15 13:00
Modified
2024-09-17 03:03
Severity ?
EPSS score ?
Summary
VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039368 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/100842 | vdb-entry, x_refsource_BID | |
| https://www.vmware.com/security/advisories/VMSA-2017-0015.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1039367 | vdb-entry, x_refsource_SECTRACK |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:47:43.383Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1039368", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1039368", }, { name: "100842", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/100842", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0015.html", }, { name: "1039367", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1039367", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ESXi", vendor: "VMware", versions: [ { status: "affected", version: "6.5 without patch ESXi650-201707101-SG", }, { status: "affected", version: "6.0 without patch ESXi600-201706101-SG", }, { status: "affected", version: "5.5 without patch ESXi550-201709101-SG", }, ], }, { product: "Workstation", vendor: "VMware", versions: [ { status: "affected", version: "12.x before 12.5.3", }, ], }, { product: "Fusion", vendor: "VMware", versions: [ { status: "affected", version: "8.x before 8.5.4", }, ], }, ], datePublic: "2017-09-14T00:00:00", descriptions: [ { lang: "en", value: "VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.", }, ], problemTypes: [ { descriptions: [ { description: "NULL pointer dereference vulnerability", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-16T09:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { name: "1039368", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1039368", }, { name: "100842", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/100842", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0015.html", }, { name: "1039367", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1039367", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", DATE_PUBLIC: "2017-09-14T00:00:00", ID: "CVE-2017-4925", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ESXi", version: { version_data: [ { version_value: "6.5 without patch ESXi650-201707101-SG", }, { version_value: "6.0 without patch ESXi600-201706101-SG", }, { version_value: "5.5 without patch ESXi550-201709101-SG", }, ], }, }, { product_name: "Workstation", version: { version_data: [ { version_value: "12.x before 12.5.3", }, ], }, }, { product_name: "Fusion", version: { version_data: [ { version_value: "8.x before 8.5.4", }, ], }, }, ], }, vendor_name: "VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "NULL pointer dereference vulnerability", }, ], }, ], }, references: { reference_data: [ { name: "1039368", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1039368", }, { name: "100842", refsource: "BID", url: "http://www.securityfocus.com/bid/100842", }, { name: "https://www.vmware.com/security/advisories/VMSA-2017-0015.html", refsource: "CONFIRM", url: "https://www.vmware.com/security/advisories/VMSA-2017-0015.html", }, { name: "1039367", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1039367", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2017-4925", datePublished: "2017-09-15T13:00:00Z", dateReserved: "2016-12-26T00:00:00", dateUpdated: "2024-09-17T03:03:34.620Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-4915
Vulnerability from cvelistv5
Published
2017-05-22 14:00
Modified
2024-08-05 14:47
Severity ?
EPSS score ?
Summary
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/98566 | vdb-entry, x_refsource_BID | |
| https://www.vmware.com/security/advisories/VMSA-2017-0009.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1038525 | vdb-entry, x_refsource_SECTRACK | |
| https://www.exploit-db.com/exploits/42045/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Workstation Pro/Player |
Version: All 12.x versions prior to version 12.5.6 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:47:42.913Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "98566", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/98566", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0009.html", }, { name: "1038525", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038525", }, { name: "42045", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/42045/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Workstation Pro/Player", vendor: "VMware", versions: [ { status: "affected", version: "All 12.x versions prior to version 12.5.6", }, ], }, ], datePublic: "2017-05-18T00:00:00", descriptions: [ { lang: "en", value: "VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine.", }, ], problemTypes: [ { descriptions: [ { description: "Privilege Escalation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-12T09:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { name: "98566", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/98566", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0009.html", }, { name: "1038525", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038525", }, { name: "42045", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/42045/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2017-4915", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Workstation Pro/Player", version: { version_data: [ { version_value: "All 12.x versions prior to version 12.5.6", }, ], }, }, ], }, vendor_name: "VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Privilege Escalation", }, ], }, ], }, references: { reference_data: [ { name: "98566", refsource: "BID", url: "http://www.securityfocus.com/bid/98566", }, { name: "https://www.vmware.com/security/advisories/VMSA-2017-0009.html", refsource: "CONFIRM", url: "https://www.vmware.com/security/advisories/VMSA-2017-0009.html", }, { name: "1038525", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1038525", }, { name: "42045", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/42045/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2017-4915", datePublished: "2017-05-22T14:00:00", dateReserved: "2016-12-26T00:00:00", dateUpdated: "2024-08-05T14:47:42.913Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-4924
Vulnerability from cvelistv5
Published
2017-09-15 13:00
Modified
2024-09-17 02:20
Severity ?
EPSS score ?
Summary
VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039365 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/100843 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1039366 | vdb-entry, x_refsource_SECTRACK | |
| https://www.vmware.com/security/advisories/VMSA-2017-0015.html | x_refsource_CONFIRM | |
| https://0patch.blogspot.com/2017/10/micropatching-hypervisor-with-running.html | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:47:43.323Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1039365", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1039365", }, { name: "100843", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/100843", }, { name: "1039366", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1039366", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0015.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://0patch.blogspot.com/2017/10/micropatching-hypervisor-with-running.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ESXi", vendor: "VMware", versions: [ { status: "affected", version: "6.5 without patch ESXi650-201707101-SG", }, ], }, { product: "Workstation", vendor: "VMware", versions: [ { status: "affected", version: "12.x before 12.5.7", }, ], }, { product: "Fusion", vendor: "VMware", versions: [ { status: "affected", version: "8.x before 8.5.8", }, ], }, ], datePublic: "2017-09-14T00:00:00", descriptions: [ { lang: "en", value: "VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host.", }, ], problemTypes: [ { descriptions: [ { description: "Out-of-bounds write vulnerability", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-09T13:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { name: "1039365", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1039365", }, { name: "100843", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/100843", }, { name: "1039366", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1039366", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.vmware.com/security/advisories/VMSA-2017-0015.html", }, { tags: [ "x_refsource_MISC", ], url: "https://0patch.blogspot.com/2017/10/micropatching-hypervisor-with-running.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", DATE_PUBLIC: "2017-09-14T00:00:00", ID: "CVE-2017-4924", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ESXi", version: { version_data: [ { version_value: "6.5 without patch ESXi650-201707101-SG", }, ], }, }, { product_name: "Workstation", version: { version_data: [ { version_value: "12.x before 12.5.7", }, ], }, }, { product_name: "Fusion", version: { version_data: [ { version_value: "8.x before 8.5.8", }, ], }, }, ], }, vendor_name: "VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Out-of-bounds write vulnerability", }, ], }, ], }, references: { reference_data: [ { name: "1039365", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1039365", }, { name: "100843", refsource: "BID", url: "http://www.securityfocus.com/bid/100843", }, { name: "1039366", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1039366", }, { name: "https://www.vmware.com/security/advisories/VMSA-2017-0015.html", refsource: "CONFIRM", url: "https://www.vmware.com/security/advisories/VMSA-2017-0015.html", }, { name: "https://0patch.blogspot.com/2017/10/micropatching-hypervisor-with-running.html", refsource: "MISC", url: "https://0patch.blogspot.com/2017/10/micropatching-hypervisor-with-running.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2017-4924", datePublished: "2017-09-15T13:00:00Z", dateReserved: "2016-12-26T00:00:00", dateUpdated: "2024-09-17T02:20:43.435Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-22040
Vulnerability from cvelistv5
Published
2022-02-16 16:37
Modified
2024-08-03 18:30
Severity ?
EPSS score ?
Summary
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.vmware.com/security/advisories/VMSA-2022-0004.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi , Workstation, Fusion and VMware Cloud Foundation |
Version: VMware ESXi (7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878, 7.0 U1 before ESXi70U1e-19324898, ESXi 6.7 before ESXi670-202111101-SG and ESXi 6.5 ESXi650-202202401-SG), Workstation (16.x before 16.2.1), Fusion (12.x before 12.2.1) and VMware Cloud Foundation (4.x before 4.4 and 3.x before 3.11) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:30:24.011Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.vmware.com/security/advisories/VMSA-2022-0004.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "VMware ESXi , Workstation, Fusion and VMware Cloud Foundation", vendor: "n/a", versions: [ { status: "affected", version: "VMware ESXi (7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878, 7.0 U1 before ESXi70U1e-19324898, ESXi 6.7 before ESXi670-202111101-SG and ESXi 6.5 ESXi650-202202401-SG), Workstation (16.x before 16.2.1), Fusion (12.x before 12.2.1) and VMware Cloud Foundation (4.x before 4.4 and 3.x before 3.11)", }, ], }, ], descriptions: [ { lang: "en", value: "VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.", }, ], problemTypes: [ { descriptions: [ { description: "Use-after-free vulnerability", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-16T16:37:53", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.vmware.com/security/advisories/VMSA-2022-0004.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2021-22040", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "VMware ESXi , Workstation, Fusion and VMware Cloud Foundation", version: { version_data: [ { version_value: "VMware ESXi (7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878, 7.0 U1 before ESXi70U1e-19324898, ESXi 6.7 before ESXi670-202111101-SG and ESXi 6.5 ESXi650-202202401-SG), Workstation (16.x before 16.2.1), Fusion (12.x before 12.2.1) and VMware Cloud Foundation (4.x before 4.4 and 3.x before 3.11)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Use-after-free vulnerability", }, ], }, ], }, references: { reference_data: [ { name: "https://www.vmware.com/security/advisories/VMSA-2022-0004.html", refsource: "MISC", url: "https://www.vmware.com/security/advisories/VMSA-2022-0004.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2021-22040", datePublished: "2022-02-16T16:37:53", dateReserved: "2021-01-04T00:00:00", dateUpdated: "2024-08-03T18:30:24.011Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-7086
Vulnerability from cvelistv5
Published
2016-12-29 09:02
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2016-0014.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1036805 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/92941 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:50:47.469Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036805", }, { name: "92941", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92941", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-09-13T00:00:00", descriptions: [ { lang: "en", value: "The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-29T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036805", }, { name: "92941", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92941", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7086", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036805", }, { name: "92941", refsource: "BID", url: "http://www.securityfocus.com/bid/92941", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7086", datePublished: "2016-12-29T09:02:00", dateReserved: "2016-08-23T00:00:00", dateUpdated: "2024-08-06T01:50:47.469Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-4900
Vulnerability from cvelistv5
Published
2017-06-07 18:00
Modified
2024-08-05 14:39
Severity ?
EPSS score ?
Summary
VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/96770 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2017-0003.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1037979 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Workstation Pro/Player |
Version: 12.x prior to version 12.5.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:39:41.486Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "96770", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/96770", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, { name: "1037979", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1037979", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Workstation Pro/Player", vendor: "VMware", versions: [ { status: "affected", version: "12.x prior to version 12.5.3", }, ], }, ], datePublic: "2017-03-09T00:00:00", descriptions: [ { lang: "en", value: "VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.", }, ], problemTypes: [ { descriptions: [ { description: "DoS", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-14T09:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { name: "96770", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/96770", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, { name: "1037979", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1037979", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2017-4900", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Workstation Pro/Player", version: { version_data: [ { version_value: "12.x prior to version 12.5.3", }, ], }, }, ], }, vendor_name: "VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "DoS", }, ], }, ], }, references: { reference_data: [ { name: "96770", refsource: "BID", url: "http://www.securityfocus.com/bid/96770", }, { name: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, { name: "1037979", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1037979", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2017-4900", datePublished: "2017-06-07T18:00:00", dateReserved: "2016-12-26T00:00:00", dateUpdated: "2024-08-05T14:39:41.486Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3989
Vulnerability from cvelistv5
Published
2020-09-16 16:17
Modified
2024-08-04 07:52
Severity ?
EPSS score ?
Summary
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an out-of-bounds write issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to create a partial denial-of-service condition on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.vmware.com/security/advisories/VMSA-2020-0020.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workstation and Horizon Client for Windows |
Version: VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:52:20.600Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "VMware Workstation and Horizon Client for Windows", vendor: "n/a", versions: [ { status: "affected", version: "VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4)", }, ], }, ], descriptions: [ { lang: "en", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an out-of-bounds write issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to create a partial denial-of-service condition on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.", }, ], problemTypes: [ { descriptions: [ { description: "Denial-of-service vulnerability via Cortado ThinPrint", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-16T16:17:11", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2020-3989", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "VMware Workstation and Horizon Client for Windows", version: { version_data: [ { version_value: "VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an out-of-bounds write issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to create a partial denial-of-service condition on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial-of-service vulnerability via Cortado ThinPrint", }, ], }, ], }, references: { reference_data: [ { name: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", refsource: "MISC", url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2020-3989", datePublished: "2020-09-16T16:17:11", dateReserved: "2019-12-30T00:00:00", dateUpdated: "2024-08-04T07:52:20.600Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-4904
Vulnerability from cvelistv5
Published
2017-06-07 18:00
Modified
2024-08-05 14:39
Severity ?
EPSS score ?
Summary
The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/97165 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2017-0006.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1038148 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1038149 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | VMware | ESXi |
Version: 6.5 without patch ESXi650-201703410-SG Version: 6.0 U3 without patch ESXi600-201703401-SG Version: 6.0 U2 without patch ESXi600-201703403-SG Version: 6.0 U1 without patch ESXi600-201703402-SG Version: 5.5 without patch ESXi550-201703401-SG |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:39:41.527Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "97165", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/97165", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { name: "1038148", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038148", }, { name: "1038149", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038149", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ESXi", vendor: "VMware", versions: [ { status: "affected", version: "6.5 without patch ESXi650-201703410-SG", }, { status: "affected", version: "6.0 U3 without patch ESXi600-201703401-SG", }, { status: "affected", version: "6.0 U2 without patch ESXi600-201703403-SG", }, { status: "affected", version: "6.0 U1 without patch ESXi600-201703402-SG", }, { status: "affected", version: "5.5 without patch ESXi550-201703401-SG", }, ], }, { product: "Workstation Pro / Player", vendor: "VMware", versions: [ { status: "affected", version: "12.x prior to 12.5.5", }, ], }, { product: "Fusion Pro / Fusion", vendor: "VMware", versions: [ { status: "affected", version: "8.x prior to 8.5.6", }, ], }, ], datePublic: "2017-03-28T00:00:00", descriptions: [ { lang: "en", value: "The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5.", }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution / DoS", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-11T09:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { name: "97165", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/97165", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { name: "1038148", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038148", }, { name: "1038149", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038149", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2017-4904", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ESXi", version: { version_data: [ { version_value: "6.5 without patch ESXi650-201703410-SG", }, { version_value: "6.0 U3 without patch ESXi600-201703401-SG", }, { version_value: "6.0 U2 without patch ESXi600-201703403-SG", }, { version_value: "6.0 U1 without patch ESXi600-201703402-SG", }, { version_value: "5.5 without patch ESXi550-201703401-SG", }, ], }, }, { product_name: "Workstation Pro / Player", version: { version_data: [ { version_value: "12.x prior to 12.5.5", }, ], }, }, { product_name: "Fusion Pro / Fusion", version: { version_data: [ { version_value: "8.x prior to 8.5.6", }, ], }, }, ], }, vendor_name: "VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Remote Code Execution / DoS", }, ], }, ], }, references: { reference_data: [ { name: "97165", refsource: "BID", url: "http://www.securityfocus.com/bid/97165", }, { name: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", }, { name: "1038148", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1038148", }, { name: "1038149", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1038149", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2017-4904", datePublished: "2017-06-07T18:00:00", dateReserved: "2016-12-26T00:00:00", dateUpdated: "2024-08-05T14:39:41.527Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-7085
Vulnerability from cvelistv5
Published
2016-12-29 09:02
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2016-0014.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1036805 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/92940 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:50:47.464Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036805", }, { name: "92940", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92940", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-09-13T00:00:00", descriptions: [ { lang: "en", value: "Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-29T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036805", }, { name: "92940", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92940", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7085", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "1036805", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036805", }, { name: "92940", refsource: "BID", url: "http://www.securityfocus.com/bid/92940", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7085", datePublished: "2016-12-29T09:02:00", dateReserved: "2016-08-23T00:00:00", dateUpdated: "2024-08-06T01:50:47.464Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-4899
Vulnerability from cvelistv5
Published
2017-06-07 18:00
Modified
2024-08-05 14:39
Severity ?
EPSS score ?
Summary
VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit this issue to crash the VM or trigger an out-of-bound read. Note: This issue can be triggered only when the host has no graphics card or no graphics drivers are installed.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/96771 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2017-0003.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1037979 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Workstation Pro/Player |
Version: 12.x prior to version 12.5.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:39:41.392Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "96771", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/96771", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, { name: "1037979", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1037979", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Workstation Pro/Player", vendor: "VMware", versions: [ { status: "affected", version: "12.x prior to version 12.5.3", }, ], }, ], datePublic: "2017-03-09T00:00:00", descriptions: [ { lang: "en", value: "VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit this issue to crash the VM or trigger an out-of-bound read. Note: This issue can be triggered only when the host has no graphics card or no graphics drivers are installed.", }, ], problemTypes: [ { descriptions: [ { description: "DoS", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-14T09:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { name: "96771", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/96771", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, { name: "1037979", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1037979", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2017-4899", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Workstation Pro/Player", version: { version_data: [ { version_value: "12.x prior to version 12.5.3", }, ], }, }, ], }, vendor_name: "VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit this issue to crash the VM or trigger an out-of-bound read. Note: This issue can be triggered only when the host has no graphics card or no graphics drivers are installed.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "DoS", }, ], }, ], }, references: { reference_data: [ { name: "96771", refsource: "BID", url: "http://www.securityfocus.com/bid/96771", }, { name: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, { name: "1037979", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1037979", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2017-4899", datePublished: "2017-06-07T18:00:00", dateReserved: "2016-12-26T00:00:00", dateUpdated: "2024-08-05T14:39:41.392Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3987
Vulnerability from cvelistv5
Published
2020-09-16 16:14
Modified
2024-08-04 07:52
Severity ?
EPSS score ?
Summary
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMR STRETCHDIBITS parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.vmware.com/security/advisories/VMSA-2020-0020.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workstation and Horizon Client for Windows |
Version: VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:52:20.473Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "VMware Workstation and Horizon Client for Windows", vendor: "n/a", versions: [ { status: "affected", version: "VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4)", }, ], }, ], descriptions: [ { lang: "en", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMR STRETCHDIBITS parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.", }, ], problemTypes: [ { descriptions: [ { description: "Multiple out-of-bounds read issues via Cortado ThinPrint", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-16T16:14:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2020-3987", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "VMware Workstation and Horizon Client for Windows", version: { version_data: [ { version_value: "VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMR STRETCHDIBITS parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Multiple out-of-bounds read issues via Cortado ThinPrint", }, ], }, ], }, references: { reference_data: [ { name: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", refsource: "MISC", url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2020-3987", datePublished: "2020-09-16T16:14:01", dateReserved: "2019-12-30T00:00:00", dateUpdated: "2024-08-04T07:52:20.473Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-7084
Vulnerability from cvelistv5
Published
2016-12-29 09:02
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via a JPEG 2000 image.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2016-0014.html | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40399/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securitytracker.com/id/1036805 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/92934 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:50:47.432Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "40399", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/40399/", }, { name: "1036805", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036805", }, { name: "92934", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92934", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-09-13T00:00:00", descriptions: [ { lang: "en", value: "tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via a JPEG 2000 image.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-02T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "40399", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/40399/", }, { name: "1036805", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036805", }, { name: "92934", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92934", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7084", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via a JPEG 2000 image.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2016-0014.html", }, { name: "40399", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/40399/", }, { name: "1036805", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036805", }, { name: "92934", refsource: "BID", url: "http://www.securityfocus.com/bid/92934", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7084", datePublished: "2016-12-29T09:02:00", dateReserved: "2016-08-23T00:00:00", dateUpdated: "2024-08-06T01:50:47.432Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3986
Vulnerability from cvelistv5
Published
2020-09-16 16:13
Modified
2024-08-04 07:52
Severity ?
EPSS score ?
Summary
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.vmware.com/security/advisories/VMSA-2020-0020.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workstation and Horizon Client for Windows |
Version: VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:52:20.439Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "VMware Workstation and Horizon Client for Windows", vendor: "n/a", versions: [ { status: "affected", version: "VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4)", }, ], }, ], descriptions: [ { lang: "en", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.", }, ], problemTypes: [ { descriptions: [ { description: "Multiple out-of-bounds read issues via Cortado ThinPrint", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-16T16:13:54", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2020-3986", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "VMware Workstation and Horizon Client for Windows", version: { version_data: [ { version_value: "VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Multiple out-of-bounds read issues via Cortado ThinPrint", }, ], }, ], }, references: { reference_data: [ { name: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", refsource: "MISC", url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2020-3986", datePublished: "2020-09-16T16:13:54", dateReserved: "2019-12-30T00:00:00", dateUpdated: "2024-08-04T07:52:20.439Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3988
Vulnerability from cvelistv5
Published
2020-09-16 16:14
Modified
2024-08-04 07:52
Severity ?
EPSS score ?
Summary
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (JPEG2000 parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.vmware.com/security/advisories/VMSA-2020-0020.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workstation and Horizon Client for Windows |
Version: VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:52:20.595Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "VMware Workstation and Horizon Client for Windows", vendor: "n/a", versions: [ { status: "affected", version: "VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4)", }, ], }, ], descriptions: [ { lang: "en", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (JPEG2000 parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.", }, ], problemTypes: [ { descriptions: [ { description: "Multiple out-of-bounds read issues via Cortado ThinPrint", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-16T16:14:08", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2020-3988", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "VMware Workstation and Horizon Client for Windows", version: { version_data: [ { version_value: "VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (JPEG2000 parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Multiple out-of-bounds read issues via Cortado ThinPrint", }, ], }, ], }, references: { reference_data: [ { name: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", refsource: "MISC", url: "https://www.vmware.com/security/advisories/VMSA-2020-0020.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2020-3988", datePublished: "2020-09-16T16:14:08", dateReserved: "2019-12-30T00:00:00", dateUpdated: "2024-08-04T07:52:20.595Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-7461
Vulnerability from cvelistv5
Published
2016-12-29 09:02
Modified
2024-08-06 01:57
Severity ?
EPSS score ?
Summary
The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94280 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2016-0019.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1037282 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:57:47.638Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "94280", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94280", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0019.html", }, { name: "1037282", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1037282", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-11-13T00:00:00", descriptions: [ { lang: "en", value: "The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-27T09:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { name: "94280", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94280", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0019.html", }, { name: "1037282", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1037282", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2016-7461", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "94280", refsource: "BID", url: "http://www.securityfocus.com/bid/94280", }, { name: "http://www.vmware.com/security/advisories/VMSA-2016-0019.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2016-0019.html", }, { name: "1037282", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1037282", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2016-7461", datePublished: "2016-12-29T09:02:00", dateReserved: "2016-09-09T00:00:00", dateUpdated: "2024-08-06T01:57:47.638Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-4898
Vulnerability from cvelistv5
Published
2017-06-07 18:00
Modified
2024-08-05 14:39
Severity ?
EPSS score ?
Summary
VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2017-0003.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/96772 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037979 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Workstation Pro/Player |
Version: 12.x prior to version 12.5.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:39:41.379Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, { name: "96772", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/96772", }, { name: "1037979", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1037979", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Workstation Pro/Player", vendor: "VMware", versions: [ { status: "affected", version: "12.x prior to version 12.5.3", }, ], }, ], datePublic: "2017-03-09T00:00:00", descriptions: [ { lang: "en", value: "VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the \"vmware-vmx\" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed.", }, ], problemTypes: [ { descriptions: [ { description: "DLL Hijack", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-14T09:57:01", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, { name: "96772", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/96772", }, { name: "1037979", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1037979", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2017-4898", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Workstation Pro/Player", version: { version_data: [ { version_value: "12.x prior to version 12.5.3", }, ], }, }, ], }, vendor_name: "VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the \"vmware-vmx\" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "DLL Hijack", }, ], }, ], }, references: { reference_data: [ { name: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", }, { name: "96772", refsource: "BID", url: "http://www.securityfocus.com/bid/96772", }, { name: "1037979", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1037979", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2017-4898", datePublished: "2017-06-07T18:00:00", dateReserved: "2016-12-26T00:00:00", dateUpdated: "2024-08-05T14:39:41.379Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }