|Title:||VMware Workstation Code Execution And Information Disclosure Vulnerabilities (Linux)|
|Summary:||The host is installed with VMware; Workstation and is prone to information disclosure and multiple code; execution vulnerabilities.|
The host is installed with VMware
Workstation and is prone to information disclosure and multiple code
Multiple flaws are due to,
- A heap buffer overflow and uninitialized stack memory usage in SVGA.
- An uninitialized memory usage in XHCI controller.
Successful exploitation will allow a
guest to execute code on the host and may also lead to information leak.
Impact Level: System/Application
VMware Workstation 12.x before 12.5.5 on
Upgrade to VMware Workstation version
12.5.5 or later. For updates refer to http://www.vmware.com
BugTraq ID: 97163|
BugTraq ID: 97160
BugTraq ID: 97165
BugTraq ID: 97164
Common Vulnerability Exposure (CVE) ID: CVE-2017-4902
Common Vulnerability Exposure (CVE) ID: CVE-2017-4903
Common Vulnerability Exposure (CVE) ID: CVE-2017-4904
Common Vulnerability Exposure (CVE) ID: CVE-2017-4905
|Copyright||Copyright (C) 2017 Greenbone Networks GmbH|
|This is only one of 58880 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.