PT-2015-4033 · Vmware · Vmware Player+3

Published

2015-01-29

Updated

2017-09-08

CVE-2014-8370

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 10.x through 10.0.4 VMware Player versions 6.x through 6.0.4 VMware Fusion versions 6.x through 6.0.4 VMware ESXi versions 5.0 through 5.5

Description The issue allows host OS users to gain host OS privileges or cause a denial of service by modifying a configuration file, potentially leading to arbitrary write to a file.

Recommendations For VMware Workstation versions 10.x through 10.0.4, update to version 10.0.5 or later. For VMware Player versions 6.x through 6.0.4, update to version 6.0.5 or later. For VMware Fusion versions 6.x through 6.0.4, update to version 6.0.5 or later. For VMware ESXi versions 5.0 through 5.5, update to a version later than 5.5.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2014-8370

Affected Products

Vmware Esxi

Vmware Fusion

Vmware Player

Vmware Workstation

PT-2015-4033 · Vmware · Vmware Player+3

CVE-2014-8370

Weakness Enumeration

Related Identifiers

Affected Products

References · 12