Kaspersky LabKLA10624KLA10624 Privelege escalation vulnerability in VMware products
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
23.7%
Detect date:
07/09/2015
Severity:
High
Description:
An unspecified vulnerability was found in VMware products. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a thread manipulations.
Affected products:
VMware Workstation for Windows 11 versions earlier than 11.1.1
VMware Workstation for Windows 10 versions earlier than 10.0.7
VMware Player for Windows 7 versions earlier than 7.1.1
VMware Player for Windows 6 versions earlier than 6.0.7
VMware Horizon Client for Windows 5 versions earlier than 5.4.2
Solution:
Update to the latest version
VMware products download
Original advisories:
Impacts:
PE
Related products:
CVE-IDS:
CVE-2015-36507.2High
References
www.vmware.com/security/advisories/VMSA-2015-0005.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3650
my.vmware.com/web/vmware/downloads
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/VMware-Horizon-View-Client/
threats.kaspersky.com/en/product/VMware-Player/
threats.kaspersky.com/en/product/VMware-Workstation/
Related
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
23.7%