PT-2018-2008 · Vmware · Vmware Fusion+1

Publicado

2018-11-22

Atualizado

2018-12-19

CVE-2018-6983

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 14.1.5 and earlier, 15.0.2 and earlier VMware Fusion versions 10.1.5 and earlier, 11.0.2 and earlier

Description The issue is caused by an integer overflow in the virtual network devices of the software. This may allow a guest to execute code on the host, potentially permitting a remote attacker to run arbitrary code.

Recommendations For VMware Workstation versions 14.1.5 and earlier, update to version 14.1.5 or later. For VMware Workstation versions 15.0.2 and earlier, update to version 15.0.2 or later. For VMware Fusion versions 10.1.5 and earlier, update to version 10.1.5 or later. For VMware Fusion versions 11.0.2 and earlier, update to version 11.0.2 or later.

Correção

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

BDU:2018-01624

CVE-2018-6983

Produtos afetados

Vmware Fusion

Vmware Workstation

PT-2018-2008 · Vmware · Vmware Fusion+1

CVE-2018-6983

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7