PT-2018-2008 · Vmware · Vmware Fusion+1

Published

2018-11-22

Updated

2018-12-19

CVE-2018-6983

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 14.1.5 and earlier, 15.0.2 and earlier VMware Fusion versions 10.1.5 and earlier, 11.0.2 and earlier

Description The issue is caused by an integer overflow in the virtual network devices of the software. This may allow a guest to execute code on the host, potentially permitting a remote attacker to run arbitrary code.

Recommendations For VMware Workstation versions 14.1.5 and earlier, update to version 14.1.5 or later. For VMware Workstation versions 15.0.2 and earlier, update to version 15.0.2 or later. For VMware Fusion versions 10.1.5 and earlier, update to version 10.1.5 or later. For VMware Fusion versions 11.0.2 and earlier, update to version 11.0.2 or later.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

BDU:2018-01624

CVE-2018-6983

Affected Products

Vmware Fusion

Vmware Workstation

PT-2018-2008 · Vmware · Vmware Fusion+1

CVE-2018-6983

Weakness Enumeration

Related Identifiers

Affected Products

References · 7