CVE-2015-2337

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 10.0.0 through 10.0.5 VMware Workstation versions 11.0.0 through 11.0.0 VMware Player versions 6.0.0 through 6.0.5 VMware Player versions 7.0.0 through 7.0.0 VMware Horizon Client versions 3.2.0 through 3.2.0 VMware Horizon Client versions 3.3.0 through 3.3.x VMware Horizon Client versions 5.0.0 through 5.4.1

Description The issue is related to the TPInt.dll library, which does not properly allocate memory. This allows guest OS users to execute arbitrary code on the host OS. The vulnerability is associated with errors in resource management. Exploitation of the vulnerability may allow users of the guest operating system to execute code in the host operating system.

Recommendations For VMware Workstation versions 10.0.0 through 10.0.5, update to version 10.0.6 or later. For VMware Workstation versions 11.0.0 through 11.0.0, update to version 11.1.1 or later. For VMware Player versions 6.0.0 through 6.0.5, update to version 6.0.6 or later. For VMware Player versions 7.0.0 through 7.0.0, update to version 7.1.1 or later. For VMware Horizon Client versions 3.2.0 through 3.2.0, update to version 3.2.1 or later. For VMware Horizon Client versions 3.3.0 through 3.3.x, update to a version outside of the 3.3.x range or apply a patch if available. For VMware Horizon Client versions 5.0.0 through 5.4.1, update to version 5.4.2 or later.