CVE-2016-5329
VMware Security Advisory 2016-0017
Severity Score
5.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors.
VMware Fusion 8.x en versiones anteriores a 8.5 en OS X, cuando System Integrity Protection (SIP) está habilitado, permite a usuarios locales determinar las direcciones de memoria del kernel y eludir el mecanismo de protección kASLR a través de vectores no especificados.
VMware product updates address information disclosure issues in VMware Fusion and VMware Tools running on Mac OS X.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-06-07 CVE Reserved
- 2016-10-26 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/93888 | Third Party Advisory | |
| http://www.securitytracker.com/id/1037103 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2016-0017.html | 2017-07-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vmware Search vendor "Vmware" | Fusion Search vendor "Vmware" for product "Fusion" | 8.0.0 Search vendor "Vmware" for product "Fusion" and version "8.0.0" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Vmware Search vendor "Vmware" | Fusion Search vendor "Vmware" for product "Fusion" | 8.0.1 Search vendor "Vmware" for product "Fusion" and version "8.0.1" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Vmware Search vendor "Vmware" | Fusion Search vendor "Vmware" for product "Fusion" | 8.0.2 Search vendor "Vmware" for product "Fusion" and version "8.0.2" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Vmware Search vendor "Vmware" | Fusion Search vendor "Vmware" for product "Fusion" | 8.1.0 Search vendor "Vmware" for product "Fusion" and version "8.1.0" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Vmware Search vendor "Vmware" | Fusion Search vendor "Vmware" for product "Fusion" | 8.1.1 Search vendor "Vmware" for product "Fusion" and version "8.1.1" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|