PT-2013-4450 · Vmware+1 · Vmware Player+4
Published
2013-12-04
·
Updated
2014-03-03
·
CVE-2013-3519
CVSS v2.0
7.9
High
| Vector | AV:A/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
VMware Workstation versions 9.0.0 through 9.0.2
VMware Player versions 5.0.0 through 5.0.2
VMware Fusion versions 5.0.0 through 5.0.3
VMware ESXi versions 4.0 through 5.1
VMware ESX versions 4.0 and 4.1
Description
The issue allows guest OS users to gain guest OS privileges via an application that performs a crafted memory allocation when a 32-bit Windows guest OS is used.
Recommendations
For VMware Workstation versions 9.0.0 through 9.0.2, update to version 9.0.3 or later.
For VMware Player versions 5.0.0 through 5.0.2, update to version 5.0.3 or later.
For VMware Fusion versions 5.0.0 through 5.0.3, update to version 5.0.4 or later.
For VMware ESXi versions 4.0 through 5.1, apply the relevant patch or update.
For VMware ESX versions 4.0 and 4.1, apply the relevant patch or update.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vmware Esxi
Vmware Fusion
Vmware Player
Vmware Workstation
Windows