PT-2019-4080 · Vmware · Vmware Fusion+4
Wenqunwang
+1
·
Published
2019-09-19
·
Updated
2022-06-02
·
CVE-2019-5527
CVSS v3.1
8.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
VMware ESXi versions (affected versions not specified)
VMware Workstation versions (affected versions not specified)
VMware Fusion versions (affected versions not specified)
VMware Remote Console versions (affected versions not specified)
VMware Horizon Client versions (affected versions not specified)
Description
The issue is related to a use-after-free vulnerability in the virtual sound device of the affected products. This vulnerability can potentially allow an attacker to execute arbitrary code.
Recommendations
For VMware ESXi, update to a version that includes the fix for this issue.
For VMware Workstation, update to a version that includes the fix for this issue.
For VMware Fusion, update to a version that includes the fix for this issue.
For VMware Remote Console, update to a version that includes the fix for this issue.
For VMware Horizon Client, update to a version that includes the fix for this issue.
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vmware Esxi
Vmware Fusion
Vmware Horizon Client
Vmware Remote Console
Vmware Workstation