PT-2016-7200 · Vmware+1 · Vmware Workstation Player+2

Published

2016-12-29

·

Updated

2017-07-30

·

CVE-2016-7081

CVSS v3.1

7.8

High

VectorAV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions VMware Workstation Pro versions 12.0 through 12.4 VMware Workstation Player versions 12.0 through 12.4
Description The issue is related to multiple heap-based buffer overflows that can occur when Cortado ThinPrint virtual printing is enabled. This allows guest OS users to execute arbitrary code on the host OS. The estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited.
Recommendations For VMware Workstation Pro versions 12.0 through 12.4, update to version 12.5.0 or later. For VMware Workstation Player versions 12.0 through 12.4, update to version 12.5.0 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2016-7081
ZDI-16-682

Affected Products

Cortado Thinprint
Vmware Workstation
Vmware Workstation Player