PT-2015-1323 · Vmware · Vmware Player+2
Publicado
2015-06-13
·
Atualizado
2016-12-31
·
CVE-2015-2341
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
VMware Workstation versions 10.x through 10.0.4
VMware Player versions 6.x through 6.0.5
VMware Fusion versions 6.x through 6.0.5 and versions 7.x through 7.0.0
Description
The issue exists due to insufficient input validation in the hypervisor, allowing an attacker to cause a denial of service against a 32-bit guest OS or 64-bit host OS using a specially crafted RPC request.
Recommendations
For VMware Workstation versions 10.x through 10.0.4, update to version 10.0.5 or later.
For VMware Player versions 6.x through 6.0.5, update to version 6.0.6 or later.
For VMware Fusion versions 6.x through 6.0.5, update to version 6.0.6 or later.
For VMware Fusion versions 7.x through 7.0.0, update to version 7.0.1 or later.
Correção
DoS
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Vmware Fusion
Vmware Player
Vmware Workstation