CVE-2014-3793

2014-05-3111:17:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

vmware

vmware tools

workstation

player

fusion

esxi

windows 8.1

privilege escalation

denial of service

cve-2014-3793

nvd

6.6 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

53.1%

JSON

VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors.

CPENameOperatorVersion
vmware:playervmware playereq6.0
vmware:esxivmware esxieq5.5
vmware:esxivmware esxieq5.1
vmware:fusionvmware fusioneq6.0.1
vmware:workstationvmware workstationeq10.0
vmware:fusionvmware fusioneq6.0
vmware:esxivmware esxieq5.0
vmware:workstationvmware workstationeq10.0.1
vmware:fusionvmware fusioneq6.0.2
vmware:playervmware playereq6.0.1

CPE	Name	Operator	Version
vmware:player	vmware player	eq	6.0
vmware:esxi	vmware esxi	eq	5.5
vmware:esxi	vmware esxi	eq	5.1
vmware:fusion	vmware fusion	eq	6.0.1
vmware:workstation	vmware workstation	eq	10.0
vmware:fusion	vmware fusion	eq	6.0
vmware:esxi	vmware esxi	eq	5.0
vmware:workstation	vmware workstation	eq	10.0.1
vmware:fusion	vmware fusion	eq	6.0.2
vmware:player	vmware player	eq	6.0.1