PT-2017-16207 · Vmware · Vmware Esxi+2

Publicado

2017-09-15

Atualizado

2022-02-03

CVE-2017-4924

CVSS v3.1

8.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions VMware ESXi versions 6.5 without patch ESXi650-201707101-SG VMware Workstation versions 12.x before 12.5.7 VMware Fusion versions 8.x before 8.5.8

Description The issue is an out-of-bounds write vulnerability in the SVGA device, which may allow a guest to execute code on the host.

Recommendations For VMware ESXi version 6.5, apply patch ESXi650-201707101-SG to resolve the issue. For VMware Workstation versions 12.x before 12.5.7, update to version 12.5.7 or later. For VMware Fusion versions 8.x before 8.5.8, update to version 8.5.8 or later.

Exploit

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

CVE-2017-4924

ZDI-17-738

Produtos afetados

Vmware Esxi

Vmware Fusion

Vmware Workstation

PT-2017-16207 · Vmware · Vmware Esxi+2

CVE-2017-4924

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8