certfr_avis - certfr-2018-avi-025

CERTFR-2018-AVI-025

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer une exécution de code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	Workstation versions 12.x antérieures à 12.5.9
VMware	Fusion	Fusion versions 10.x pour OS X antérieures à 10.1.1
VMware	N/A	Workstation versions 14.x antérieures à 14.1.1
VMware	Fusion	Fusion versions 8.x pour OS X antérieures à 8.5.10

References

Title

Publication Time

Tags

Bulletin de sécurité VMware VMSA-2018-0005 du 10 janvier 2018

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Workstation versions 12.x ant\u00e9rieures \u00e0 12.5.9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Fusion versions 10.x pour OS X ant\u00e9rieures \u00e0 10.1.1",
      "product": {
        "name": "Fusion",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Workstation versions 14.x ant\u00e9rieures \u00e0 14.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Fusion versions 8.x pour OS X ant\u00e9rieures \u00e0 8.5.10",
      "product": {
        "name": "Fusion",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-4950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-4950"
    },
    {
      "name": "CVE-2017-4949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-4949"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-025",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-01-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nVMware. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2018-0005 du 10 janvier 2018",
      "url": "https://www.vmware.com/security/advisories/VMSA-2018-0005.html"
    }
  ]
}

CVE-2017-4950 (GCVE-0-2017-4950)

Vulnerability from cvelistv5 – Published: 2018-01-11 14:00 – Updated: 2024-09-17 02:47

Summary

VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out-of-bound read which can then be used to execute code on the host in conjunction with other issues. Note: IPv6 mode for VMNAT is not enabled by default.

Severity ?

No CVSS data available.

CWE

Integer-overflow vulnerability

Assigner

vmware

References

URL

Tags

	http://www.securitytracker.com/id/1040161	vdb-entryx_refsource_SECTRACK
	https://www.vmware.com/security/advisories/VMSA-2…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/102490	vdb-entryx_refsource_BID

Impacted products

Vendor

Product

Version

VMware

Workstation Pro / Player

Affected: 14.x before 14.1.1
Affected: 12.x before 12.5.9

VMware

Fusion

Affected: 10.x before 10.1.1
Affected: 8.x before 8.5.10

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:47:44.354Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1040161",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040161"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.vmware.com/security/advisories/VMSA-2018-0005.html"
          },
          {
            "name": "102490",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102490"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Workstation Pro / Player",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "14.x before 14.1.1"
            },
            {
              "status": "affected",
              "version": "12.x before 12.5.9"
            }
          ]
        },
        {
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "10.x before 10.1.1"
            },
            {
              "status": "affected",
              "version": "8.x before 8.5.10"
            }
          ]
        }
      ],
      "datePublic": "2017-01-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out-of-bound read which can then be used to execute code on the host in conjunction with other issues. Note: IPv6 mode for VMNAT is not enabled by default."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Integer-overflow vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-12T10:57:01",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "name": "1040161",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040161"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.vmware.com/security/advisories/VMSA-2018-0005.html"
        },
        {
          "name": "102490",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102490"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@vmware.com",
          "DATE_PUBLIC": "2017-01-10T00:00:00",
          "ID": "CVE-2017-4950",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Workstation Pro / Player",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "14.x before 14.1.1"
                          },
                          {
                            "version_value": "12.x before 12.5.9"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Fusion",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.x before 10.1.1"
                          },
                          {
                            "version_value": "8.x before 8.5.10"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "VMware"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out-of-bound read which can then be used to execute code on the host in conjunction with other issues. Note: IPv6 mode for VMNAT is not enabled by default."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Integer-overflow vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1040161",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040161"
            },
            {
              "name": "https://www.vmware.com/security/advisories/VMSA-2018-0005.html",
              "refsource": "CONFIRM",
              "url": "https://www.vmware.com/security/advisories/VMSA-2018-0005.html"
            },
            {
              "name": "102490",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102490"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2017-4950",
    "datePublished": "2018-01-11T14:00:00Z",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-09-17T02:47:03.609Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-4949 (GCVE-0-2017-4949)

Vulnerability from cvelistv5 – Published: 2018-01-11 14:00 – Updated: 2024-09-16 22:46

Summary

VMware Workstation and Fusion contain a use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may allow a guest to execute code on the host. Note: IPv6 mode for VMNAT is not enabled by default.

Severity ?

No CVSS data available.

CWE

Use-after-free vulnerability

Assigner

vmware

References

URL

Tags

	http://www.securitytracker.com/id/1040161	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/102489	vdb-entryx_refsource_BID
	https://www.vmware.com/security/advisories/VMSA-2…	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

VMware

Workstation Pro / Player

Affected: 14.x before 14.1.1
Affected: 12.x before 12.5.9

VMware

Fusion

Affected: 10.x before 10.1.1
Affected: 8.x before 8.5.10

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:47:43.404Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1040161",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040161"
          },
          {
            "name": "102489",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102489"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.vmware.com/security/advisories/VMSA-2018-0005.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Workstation Pro / Player",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "14.x before 14.1.1"
            },
            {
              "status": "affected",
              "version": "12.x before 12.5.9"
            }
          ]
        },
        {
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "10.x before 10.1.1"
            },
            {
              "status": "affected",
              "version": "8.x before 8.5.10"
            }
          ]
        }
      ],
      "datePublic": "2017-01-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "VMware Workstation and Fusion contain a use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may allow a guest to execute code on the host. Note: IPv6 mode for VMNAT is not enabled by default."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Use-after-free vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-12T10:57:01",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "name": "1040161",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040161"
        },
        {
          "name": "102489",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102489"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.vmware.com/security/advisories/VMSA-2018-0005.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@vmware.com",
          "DATE_PUBLIC": "2017-01-10T00:00:00",
          "ID": "CVE-2017-4949",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Workstation Pro / Player",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "14.x before 14.1.1"
                          },
                          {
                            "version_value": "12.x before 12.5.9"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Fusion",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.x before 10.1.1"
                          },
                          {
                            "version_value": "8.x before 8.5.10"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "VMware"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "VMware Workstation and Fusion contain a use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may allow a guest to execute code on the host. Note: IPv6 mode for VMNAT is not enabled by default."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Use-after-free vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1040161",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040161"
            },
            {
              "name": "102489",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102489"
            },
            {
              "name": "https://www.vmware.com/security/advisories/VMSA-2018-0005.html",
              "refsource": "CONFIRM",
              "url": "https://www.vmware.com/security/advisories/VMSA-2018-0005.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2017-4949",
    "datePublished": "2018-01-11T14:00:00Z",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-09-16T22:46:45.435Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTFR-2018-AVI-025

Solution

CVE-2017-4950 (GCVE-0-2017-4950)

CVE-2017-4949 (GCVE-0-2017-4949)

Tags

Sightings

Nomenclature