PT-2014-4670 · Vmware · Vmware Player+1

Publicado

2014-04-15

Atualizado

2014-04-16

CVE-2014-2384

CVSS v2.0

4.9

Média

Vetor

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions VMware Workstation version 10.0.1 build 1379776 VMware Player version 6.0.1 build 1379776

Description The issue allows local users to cause a denial of service, resulting in a read access violation and system crash, via a crafted buffer in an IOCTL call. The vendor has rated this issue as non-exploitable.

Recommendations For VMware Workstation version 10.0.1 build 1379776, consider restricting access to the vmx86.sys driver to minimize the risk of exploitation. For VMware Player version 6.0.1 build 1379776, consider restricting access to the vmx86.sys driver to minimize the risk of exploitation.

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

CVE-2014-2384

Produtos afetados

Vmware Player

Vmware Workstation

PT-2014-4670 · Vmware · Vmware Player+1

CVE-2014-2384

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4