PT-2019-2597 · Vmware+1 · Vmware Fusion+2

Publicado

2019-04-02

Atualizado

2019-04-04

CVE-2019-5524

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 14.x before 14.1.6 VMware Fusion versions 10.x before 10.1.6

Description The issue is related to an out-of-bounds write vulnerability in the e1000 virtual network adapter, which may allow a guest to execute code on the host. This can be exploited by a remote attacker to execute arbitrary code.

Recommendations For VMware Workstation versions 14.x before 14.1.6, update to version 14.1.6 or later. For VMware Fusion versions 10.x before 10.1.6, update to version 10.1.6 or later.

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

BDU:2019-02477

CVE-2019-5524

Produtos afetados

Vmware Fusion

Vmware Workstation

E1000

PT-2019-2597 · Vmware+1 · Vmware Fusion+2

CVE-2019-5524

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6