PT-2016-7204 · Vmware · Vmware Workstation Player+1

Publicado

2016-12-29

·

Atualizado

2017-07-30

·

CVE-2016-7085

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions VMware Workstation Pro versions 12.0 through 12.4 VMware Workstation Player versions 12.0 through 12.4
Description The issue is related to an untrusted search path vulnerability in the installer. This allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
Recommendations For VMware Workstation Pro versions 12.0 through 12.4, update to version 12.5.0 or later. For VMware Workstation Player versions 12.0 through 12.4, update to version 12.5.0 or later.

Correção

Untrusted Search Path

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-426

Identificadores relacionados

CVE-2016-7085

Produtos afetados

Vmware Workstation
Vmware Workstation Player