Lucene search

MitreCVE-2016-7079

HistoryDec 29, 2016 - 9:59 a.m.

CVE-2016-7079

2016-12-2909:59:00

CWE-476

mitre

web.nvd.nist.gov

vmware

tools

9.x

10.x

10.0.9

os x

privilege escalation

denial of service

null pointer dereference

cve-2016-7079

cve-2016-7080

nvd

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

Percentile

5.1%

JSON

The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7080.

Affected configurations

Nvd

Node

vmwaretoolsRange≤10.0.8

vmwaretoolsMatch10.0.0

vmwaretoolsMatch10.0.5

vmwaretoolsMatch10.0.6

AND

applemac_os_x

Node

vmwaretoolsMatch9.0.0

vmwaretoolsMatch9.0.1

vmwaretoolsMatch9.0.5

vmwaretoolsMatch9.0.10

vmwaretoolsMatch9.0.11

vmwaretoolsMatch9.0.12

vmwaretoolsMatch9.0.13

vmwaretoolsMatch9.0.15

vmwaretoolsMatch9.0.16

vmwaretoolsMatch9.0.17

vmwaretoolsMatch9.4.0

vmwaretoolsMatch9.4.5

vmwaretoolsMatch9.4.10

vmwaretoolsMatch9.4.11

vmwaretoolsMatch9.4.12

vmwaretoolsMatch9.4.15

vmwaretoolsMatch9.10.0

vmwaretoolsMatch9.10.1

vmwaretoolsMatch9.10.5

AND

applemac_os_x

VendorProductVersionCPE
vmwaretools*cpe:2.3:a:vmware:tools:*:*:*:*:*:*:*:*
vmwaretools10.0.0cpe:2.3:a:vmware:tools:10.0.0:*:*:*:*:*:*:*
vmwaretools10.0.5cpe:2.3:a:vmware:tools:10.0.5:*:*:*:*:*:*:*
vmwaretools10.0.6cpe:2.3:a:vmware:tools:10.0.6:*:*:*:*:*:*:*
applemac_os_x*cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
vmwaretools9.0.0cpe:2.3:a:vmware:tools:9.0.0:*:*:*:*:*:*:*
vmwaretools9.0.1cpe:2.3:a:vmware:tools:9.0.1:*:*:*:*:*:*:*
vmwaretools9.0.5cpe:2.3:a:vmware:tools:9.0.5:*:*:*:*:*:*:*
vmwaretools9.0.10cpe:2.3:a:vmware:tools:9.0.10:*:*:*:*:*:*:*
vmwaretools9.0.11cpe:2.3:a:vmware:tools:9.0.11:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
vmware	tools	*	cpe:2.3:a:vmware:tools::::::::
vmware	tools	10.0.0	cpe:2.3:a:vmware:tools:10.0.0:::::::*
vmware	tools	10.0.5	cpe:2.3:a:vmware:tools:10.0.5:::::::*
vmware	tools	10.0.6	cpe:2.3:a:vmware:tools:10.0.6:::::::*
apple	mac_os_x	*	cpe:2.3:o:apple:mac_os_x::::::::
vmware	tools	9.0.0	cpe:2.3:a:vmware:tools:9.0.0:::::::*
vmware	tools	9.0.1	cpe:2.3:a:vmware:tools:9.0.1:::::::*
vmware	tools	9.0.5	cpe:2.3:a:vmware:tools:9.0.5:::::::*
vmware	tools	9.0.10	cpe:2.3:a:vmware:tools:9.0.10:::::::*
vmware	tools	9.0.11	cpe:2.3:a:vmware:tools:9.0.11:::::::*

Rows per page:

1-10 of 241

References

www.securityfocus.com/bid/92938

www.securitytracker.com/id/1036804

www.vmware.com/security/advisories/VMSA-2016-0014.html

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2016-7079