PT-2017-16221 · Vmware · Vmware Workstation
Publicado
2017-11-17
·
Atualizado
2017-12-03
·
CVE-2017-4939
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
VMware Workstation versions 12.x through 12.5.7
Description
The issue exists due to some DLL files loaded by the application improperly, which may allow an attacker to load a DLL file of their choosing that could execute arbitrary code. This is a result of a DLL hijacking issue in the installer.
Recommendations
For versions 12.x through 12.5.7, update to version 12.5.8 or later to resolve the issue.
Correção
Untrusted Search Path
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Vmware Workstation