KLA10933 Multiple vulnerabilities in VMware Workstation Pro and VMware Workstation Player

Multiple serious vulnerabilities have been found in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0. Malicious users can exploit these vulnerabilities to gain priveleges, execute arbitrary code or cause a denial of service.

Below is a complete list of vulnerabilities:

1. An unknown vulnerability can be exploited locally via a Trojan horse setup64.exe file placed in the installation directory to gain privileges;
2. Untrusted search path vulnerability can be exploited locally via a Trojain horse DLL placed in an unspecified directory to gain privileges;
3. An unknown vulnerability can be exploited locally via a JPEG 2000 image to execute arbitrary code on the host OS or cause a denial of service.

Technical details

Vulnerability (3) occurs in tpview.dll if Cortado ThinPrint virtual printing is enabled.

Original advisories

VMSA-2016-0014

Exploitation

Public exploits exist for this vulnerability.

Related products

VMware-Workstation

VMware-Player

CVE list

CVE-2016-7086 high

CVE-2016-7085 high

CVE-2016-7084 high

Solution

Update to the latest version

Get VMware products

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

• VMware Workstation Pro 12.x before 12.5.0VMware Workstation Player 12.x before 12.5.0