Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistVmwareCVELIST:CVE-2017-4905
HistoryJun 07, 2017 - 6:00 p.m.

CVE-2017-4905

2017-06-0718:00:00
vmware
www.cve.org
1

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.7%

JSON

VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. This issue may lead to an information leak.

CNA Affected

[
  {
    "product": "ESXi",
    "vendor": "VMware",
    "versions": [
      {
        "status": "affected",
        "version": "6.5 without patch ESXi650-201703410-SG"
      },
      {
        "status": "affected",
        "version": "6.0 U3 without patch ESXi600-201703401-SG"
      },
      {
        "status": "affected",
        "version": "6.0 U2 without patch ESXi600-201703403-SG"
      },
      {
        "status": "affected",
        "version": "6.0 U1 without patch ESXi600-201703402-SG"
      },
      {
        "status": "affected",
        "version": "5.5 without patch ESXi550-201703401-SG"
      }
    ]
  },
  {
    "product": "Workstation Pro / Player",
    "vendor": "VMware",
    "versions": [
      {
        "status": "affected",
        "version": "12.x prior to 12.5.5"
      }
    ]
  },
  {
    "product": "Fusion Pro / Fusion",
    "vendor": "VMware",
    "versions": [
      {
        "status": "affected",
        "version": "8.x prior to 8.5.6"
      }
    ]
  }
]

Related

cve 1
zdi 1
nvd 1
prion 1
zdt 1
nessus 7
exploitpack 1
exploitdb 1
openvas 5
vmware 1
threatpost 1
ibm 1
cve
cve
CVE-2017-4905
2017-06-07 18:29:00
zdi
zdi
(Pwn2Own) VMware Workstation Uninitialized Memory Information Disclosure Vulnerability
2017-03-30 00:00:00
nvd
nvd
CVE-2017-4905
2017-06-07 18:29:00
prion
prion
Memory corruption
2017-06-07 18:29:00
zdt
zdt
VMware WorkStation 12.5.3 - Virtual Machine Escape Exploit
2019-11-25 00:00:00
nessus
nessus
ESXi 5.5 < Build 5230635 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)
2017-03-31 00:00:00
ESXi 6.5 < Build 5224529 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)
2017-03-31 00:00:00
ESXi 6.0 U1 < Build 5251621 / 6.0 U2 < Build 5251623 / 6.0 U3 < Build 5224934 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)
2017-03-31 00:00:00
exploitpack
exploitpack
VMware WorkStation 12.5.3 - Virtual Machine Escape
2019-06-06 00:00:00
exploitdb
exploitdb
VMware WorkStation 12.5.3 - Virtual Machine Escape
2019-06-06 00:00:00
openvas
openvas
VMware Workstation Code Execution And Information Disclosure Vulnerabilities - Linux
2017-07-03 00:00:00
VMware Fusion Code Execution And Information Disclosure Vulnerabilities - Mac OS X
2017-07-03 00:00:00
VMware ESXi updates address critical and moderate security issues (VMSA-2017-0006)
2017-03-31 00:00:00
vmware
vmware
VMware ESXi, Workstation and Fusion updates address critical and moderate security issues
2017-03-28 00:00:00
threatpost
threatpost
VMware Patches Pwn2Own VM Escape Vulnerabilities
2017-03-29 12:00:04
ibm
ibm
Security Bulletin: Open Source VMware Fusion Vulnerabilities in IBM Pure Application System (CVE-2017-4903, CVE-2017-4904, CVE-2017-4905)
2019-06-25 19:40:02

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.7%

JSON
Related for CVELIST:CVE-2017-4905
cve1zdi1nvd1prion1zdt1nessus7exploitpack1exploitdb1openvas5vmware1threatpost1ibm1