Page 5 of 32 results (0.008 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 2

VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine. Workstation Pro/Player de VMware, contiene una vulnerabilidad de carga de biblioteca no segura por medio de los archivos de configuración del controlador de sonido ALSA. La explotación con éxito de este problema puede permitir a los usuarios del host sin privilegios escalar sus privilegios a root en una máquina host de Linux. • https://www.exploit-db.com/exploits/42045 https://www.exploit-db.com/exploits/47171 http://www.securityfocus.com/bid/98566 http://www.securitytracker.com/id/1038525 https://www.vmware.com/security/advisories/VMSA-2017-0009.html • CWE-863: Incorrect Authorization •

CVSS: 6.8EPSS: 1%CPEs: 3EXPL: 1

VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation of this issue may allow host users with normal user privileges to trigger a denial-of-service in a Windows host machine. Workstation Pro/Player de VMware, contiene una vulnerabilidad de desreferencia de un puntero NULL que se presenta en el controlador vstor2. La explotación con éxito de este problema puede permitir a los usuarios del host con privilegios de usuario normal desencadenar una denegación de servicio en una máquina host de Windows. VMware Workstation version 12 Pro suffers from a null pointer dereference in the vstor2 driver. • https://www.exploit-db.com/exploits/42140 http://www.securityfocus.com/bid/98560 http://www.securitytracker.com/id/1038526 https://www.vmware.com/security/advisories/VMSA-2017-0009.html • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View. • http://www.securityfocus.com/bid/97913 http://www.securitytracker.com/id/1038280 http://www.securitytracker.com/id/1038281 http://www.vmware.com/security/advisories/VMSA-2017-0008.html • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds write vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View. • http://www.securityfocus.com/bid/97916 http://www.securitytracker.com/id/1038280 http://www.securitytracker.com/id/1038281 http://www.vmware.com/security/advisories/VMSA-2017-0008.html • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View. • http://www.securityfocus.com/bid/97912 http://www.securitytracker.com/id/1038280 http://www.securitytracker.com/id/1038281 http://www.vmware.com/security/advisories/VMSA-2017-0008.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •