// For flags

CVE-2015-3650

 

Severity Score

7.2
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 and 11.x before 11.1.1, VMware Player 5.x and 6.x before 6.0.7 and 7.x before 7.1.1, and VMware Horizon Client 5.x local-mode before 5.4.2 on Windows does not provide a valid DACL pointer during the setup of the vprintproxy.exe process, which allows host OS users to gain host OS privileges by injecting a thread.

Vmware-vmx.exe en VMware Workstation 7.x hasta 10.x anterior a 10.0.7 y 11.xanterior a 11.1.1, VMware Player 5.x y 6.x anterior a 6.0.7 y 7.x anterior a 7.1.1, y VMware Horizont Client hasta la versión 5.4.2 en Windows. No proporciona un puntero DACL válido durante la instalación del proceso vprintproxy.exe, por lo que permite a los usuarios del sistema operativo obtener privilegios del sistema mediante la inyección de un hilo.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-05-06 CVE Reserved
  • 2015-07-10 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-284: Improper Access Control
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
5.0
Search vendor "Vmware" for product "Player" and version "5.0"
-
Affected
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
5.0.1
Search vendor "Vmware" for product "Player" and version "5.0.1"
-
Affected
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
5.0.2
Search vendor "Vmware" for product "Player" and version "5.0.2"
-
Affected
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
5.0.3
Search vendor "Vmware" for product "Player" and version "5.0.3"
-
Affected
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
5.0.4
Search vendor "Vmware" for product "Player" and version "5.0.4"
-
Affected
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
6.0
Search vendor "Vmware" for product "Player" and version "6.0"
-
Affected
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
6.0.1
Search vendor "Vmware" for product "Player" and version "6.0.1"
-
Affected
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
6.0.2
Search vendor "Vmware" for product "Player" and version "6.0.2"
-
Affected
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
6.0.3
Search vendor "Vmware" for product "Player" and version "6.0.3"
-
Affected
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
6.0.4
Search vendor "Vmware" for product "Player" and version "6.0.4"
-
Affected
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
6.0.5
Search vendor "Vmware" for product "Player" and version "6.0.5"
-
Affected
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
6.0.6
Search vendor "Vmware" for product "Player" and version "6.0.6"
-
Affected
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
7.0
Search vendor "Vmware" for product "Player" and version "7.0"
-
Affected
Vmware
Search vendor "Vmware"
Player
Search vendor "Vmware" for product "Player"
7.1
Search vendor "Vmware" for product "Player" and version "7.1"
-
Affected
Vmware
Search vendor "Vmware"
Workstation
Search vendor "Vmware" for product "Workstation"
10.0
Search vendor "Vmware" for product "Workstation" and version "10.0"
-
Affected
Vmware
Search vendor "Vmware"
Workstation
Search vendor "Vmware" for product "Workstation"
10.0.1
Search vendor "Vmware" for product "Workstation" and version "10.0.1"
-
Affected
Vmware
Search vendor "Vmware"
Workstation
Search vendor "Vmware" for product "Workstation"
10.0.2
Search vendor "Vmware" for product "Workstation" and version "10.0.2"
-
Affected
Vmware
Search vendor "Vmware"
Workstation
Search vendor "Vmware" for product "Workstation"
10.0.3
Search vendor "Vmware" for product "Workstation" and version "10.0.3"
-
Affected
Vmware
Search vendor "Vmware"
Workstation
Search vendor "Vmware" for product "Workstation"
10.0.4
Search vendor "Vmware" for product "Workstation" and version "10.0.4"
-
Affected
Vmware
Search vendor "Vmware"
Workstation
Search vendor "Vmware" for product "Workstation"
10.0.5
Search vendor "Vmware" for product "Workstation" and version "10.0.5"
-
Affected
Vmware
Search vendor "Vmware"
Workstation
Search vendor "Vmware" for product "Workstation"
10.0.6
Search vendor "Vmware" for product "Workstation" and version "10.0.6"
-
Affected
Vmware
Search vendor "Vmware"
Workstation
Search vendor "Vmware" for product "Workstation"
11.0
Search vendor "Vmware" for product "Workstation" and version "11.0"
-
Affected
Vmware
Search vendor "Vmware"
Workstation
Search vendor "Vmware" for product "Workstation"
11.1
Search vendor "Vmware" for product "Workstation" and version "11.1"
-
Affected
Vmware
Search vendor "Vmware"
Horizon View Client
Search vendor "Vmware" for product "Horizon View Client"
5.4
Search vendor "Vmware" for product "Horizon View Client" and version "5.4"
-
Affected
Vmware
Search vendor "Vmware"
Horizon View Client
Search vendor "Vmware" for product "Horizon View Client"
5.4.1
Search vendor "Vmware" for product "Horizon View Client" and version "5.4.1"
-
Affected