CVE-2017-4902
VMware Workstation SVGA Heap-based Buffer Overflow Privilege Escalation Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host.
Wmware ESXi sin el parche ESXi650-201703410-SG y 5.5 sin el parche ESXi550-201703401-SG; Workstation Pro / Player 12.x anterior a 12.5.5 y Fusion Pro /Fusion 8.x anterior a la 8.5.6 tiene un buffer overflow basado en el heap --heap-- en SVGA. Este problema permitiría a un huésped ejecutar código en el host.
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the handling of SVGA graphics. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to elevate privileges and execute arbitrary code under the context of the hypervisor.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-12-26 CVE Reserved
- 2017-03-30 CVE Published
- 2024-08-05 CVE Updated
- 2024-09-07 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/97163 | Third Party Advisory | |
| http://www.securitytracker.com/id/1038148 | Third Party Advisory | |
| http://www.securitytracker.com/id/1038149 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2017-0006.html | 2022-02-03 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vmware Search vendor "Vmware" | Fusion Search vendor "Vmware" for product "Fusion" | >= 8.0.0 < 8.5.6 Search vendor "Vmware" for product "Fusion" and version " >= 8.0.0 < 8.5.6" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | - | - |
Safe
|
| Vmware Search vendor "Vmware" | Fusion Pro Search vendor "Vmware" for product "Fusion Pro" | >= 8.0.0 < 8.5.6 Search vendor "Vmware" for product "Fusion Pro" and version " >= 8.0.0 < 8.5.6" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | - | - |
Safe
|
| Vmware Search vendor "Vmware" | Workstation Player Search vendor "Vmware" for product "Workstation Player" | >= 12.0.0 < 12.5.5 Search vendor "Vmware" for product "Workstation Player" and version " >= 12.0.0 < 12.5.5" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Pro Search vendor "Vmware" for product "Workstation Pro" | >= 12.0.0 < 12.5.5 Search vendor "Vmware" for product "Workstation Pro" and version " >= 12.0.0 < 12.5.5" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 5.5 Search vendor "Vmware" for product "Esxi" and version "5.5" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 5.5 Search vendor "Vmware" for product "Esxi" and version "5.5" | 1 |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 5.5 Search vendor "Vmware" for product "Esxi" and version "5.5" | 2 |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 5.5 Search vendor "Vmware" for product "Esxi" and version "5.5" | 3a |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 5.5 Search vendor "Vmware" for product "Esxi" and version "5.5" | 3b |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 6.5 Search vendor "Vmware" for product "Esxi" and version "6.5" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 6.5 Search vendor "Vmware" for product "Esxi" and version "6.5" | 650-201701001 |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 6.5 Search vendor "Vmware" for product "Esxi" and version "6.5" | 650-201703001 |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 6.5 Search vendor "Vmware" for product "Esxi" and version "6.5" | 650-201703002 |
Affected
| ||||||