CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2017-4900
https://notcve.org/view.php?id=CVE-2017-4900
07 Jun 2017 — VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. VMware Workstation Pro/Player 12.x anterior a 12.5.3 contiene una vulnerabilidad de puntero NULL que existe en el driver SVGA. Una explotación satisfactoria de este problema permitirá a los atacantes con privilegios de usuario normal hacer caer la aplicación. • http://www.securityfocus.com/bid/96770 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2017-4908 – ThinPrint TPView JPEG2000 Parsing Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-4908
19 Apr 2017 — VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtu... • http://www.securityfocus.com/bid/97912 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2017-4910 – ThinPrint TPView JPEG2000 Parsing Out-Of-Bounds Read Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-4910
19 Apr 2017 — VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual... • http://www.securityfocus.com/bid/97913 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2017-4911 – ThinPrint TPView JPEG2000 Parsing Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-4911
19 Apr 2017 — VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds write vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtua... • http://www.securityfocus.com/bid/97916 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2016-7081 – ThinPrint TPClnt/TPView Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-7081
29 Dec 2016 — Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified vectors. Múltiples desbordamientos de búfer basados en memoria dinámica en VMware Workstation Pro 12.x en versiones anteriores a 12.5.0 y VMware Workstation Player 12.x en versiones anteriores a 12.5.0 en Windows, cuando la impresión virtu... • http://www.securityfocus.com/bid/92935 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2016-7085 – VMWare Player 7.1.3 DLL Hijacking
https://notcve.org/view.php?id=CVE-2016-7085
29 Dec 2016 — Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. Vulnerabilidad de ruta de búsqueda no confiable en el instalador en VMware Workstation Pro 12.x en versiones anteriores a 12.5.0 y VMware Workstation Player 12.x en versiones anteriores a 12.5.0 en Windows permite a usuarios locales obtener privilegios a través de... • https://packetstorm.news/files/id/148784 • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2016-7086
https://notcve.org/view.php?id=CVE-2016-7086
29 Dec 2016 — The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory. El instalador en VMware Workstation Pro 12.x en versiones anteriores a 12.5.0 y VMware Workstation Player 12.x en versiones anteriores a 12.5.0 en Windows permite a usuarios locales obtener privilegios a través de un archivo Troyano setup64.exe en el directorio de instalación. • http://www.securityfocus.com/bid/92941 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 27EXPL: 0CVE-2016-7461 – VMware Security Advisory 2016-0019
https://notcve.org/view.php?id=CVE-2016-7461
14 Nov 2016 — The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors. La función de arrastrar y soltar (también conocida como DnD) en VMware Workstation Pro 12.x en versiones anteriores a 12.5.2 y VMware Workstation Player 12.x en versione... • http://www.securityfocus.com/bid/94280 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2016-7082 – VMWare Workstation vprintproxy.exe EMF Double-Free
https://notcve.org/view.php?id=CVE-2016-7082
19 Sep 2016 — VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via an EMF file. VMware Workstation Pro 12.x en versiones anteriores a 12.5.0 y VMware Workstation Player 12.x en versiones anteriores a 12.5.0 en Windows, cuando la impresión virtual Cortado ThinPrint está habilitada, permiten a usuarios... • http://www.securityfocus.com/bid/92934 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 2CVE-2016-7083 – VMware Workstation - 'vprintproxy.exe' TrueType NAME Tables Heap Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2016-7083
19 Sep 2016 — VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via TrueType fonts embedded in EMFSPOOL. VMware Workstation Pro 12.x en versiones anteriores a 12.5.0 y VMware Workstation Player 12.x en versiones anteriores a 12.5.0 en Windows, cuando la impresión virtual Cortado ThinPrint está habilit... • https://packetstorm.news/files/id/138777 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •