CNVD-2017-03656
Vulnerability from cnvd - Published: 2017-03-27
VLAI Severity ?
Title
多个VMware Workstation产品拒绝服务漏洞
Description
VMware Workstation是美国威睿(VMware)公司的虚拟机软件产品。
多个VMware Workstation产品存在拒绝服务漏洞。远程攻击者可利用该漏洞提交特殊的请求,使应用程序崩溃。
Severity
中
Patch Name
多个VMware Workstation产品拒绝服务漏洞的补丁
Patch Description
VMware Workstation是美国威睿(VMware)公司的虚拟机软件产品。
多个VMware Workstation产品存在拒绝服务漏洞。远程攻击者可利用该漏洞提交特殊的请求,使应用程序崩溃。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: http://www.vmware.com/security/advisories/VMSA-2017-0003.html
Reference
http://www.securityfocus.com/bid/96770
Impacted products
| Name | ['VMware Workstation Pro 12.5.2', 'VMware Workstation Pro 12.1.1', 'VMware Workstation Pro 12.1', 'VMware Workstation Pro 12.5.0', 'VMware Workstation Pro 12.0', 'VMware Workstation Player 12.5.2', 'VMware Workstation Player 12.5', 'VMware Workstation Player 12.1.1', 'VMware Workstation Player 12.1', 'VMware Workstation Player 12.0'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "96770"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2017-4900",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4900"
}
},
"description": "VMware Workstation\u662f\u7f8e\u56fd\u5a01\u777f\uff08VMware\uff09\u516c\u53f8\u7684\u865a\u62df\u673a\u8f6f\u4ef6\u4ea7\u54c1\u3002\r\n\r\n\u591a\u4e2aVMware Workstation\u4ea7\u54c1\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u3002",
"discovererName": "Saar Amar (@AmarSaar)",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://www.vmware.com/security/advisories/VMSA-2017-0003.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-03656",
"openTime": "2017-03-27",
"patchDescription": "VMware Workstation\u662f\u7f8e\u56fd\u5a01\u777f\uff08VMware\uff09\u516c\u53f8\u7684\u865a\u62df\u673a\u8f6f\u4ef6\u4ea7\u54c1\u3002 \r\n\r\n\u591a\u4e2aVMware Workstation\u4ea7\u54c1\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u4e2aVMware Workstation\u4ea7\u54c1\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"VMware Workstation Pro 12.5.2",
"VMware Workstation Pro 12.1.1",
"VMware Workstation Pro 12.1",
"VMware Workstation Pro 12.5.0",
"VMware Workstation Pro 12.0",
"VMware Workstation Player 12.5.2",
"VMware Workstation Player 12.5",
"VMware Workstation Player 12.1.1",
"VMware Workstation Player 12.1",
"VMware Workstation Player 12.0"
]
},
"referenceLink": "http://www.securityfocus.com/bid/96770",
"serverity": "\u4e2d",
"submitTime": "2017-03-16",
"title": "\u591a\u4e2aVMware Workstation\u4ea7\u54c1\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…