Lucene search
This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.VMWARE_WORKSTATION_WIN_VMSA_2018_0022.NASLHistoryAug 20, 2018 - 12:00 a.m.
VMware Workstation 14.x < 14.1.3 Out-of-Bounds Write (VMSA-2018-0022)
2018-08-2000:00:00
This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
The version of VMware Workstation installed on the remote Windows host is 14.x prior to 14.1.3. It is, therefore, missing a security update that fixes an out-of-bounds write vulnerability.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(111979);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/03/15");
script_cve_id("CVE-2018-6973");
script_bugtraq_id(105094);
script_xref(name:"VMSA", value:"2018-0022");
script_name(english:"VMware Workstation 14.x < 14.1.3 Out-of-Bounds Write (VMSA-2018-0022)");
script_summary(english:"Checks the VMware Workstation version.");
script_set_attribute(attribute:"synopsis", value:
"A virtualization application installed on the remote Windows host is
affected by an out-of-bounds write vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of VMware Workstation installed on the remote Windows
host is 14.x prior to 14.1.3. It is, therefore, missing a security
update that fixes an out-of-bounds write vulnerability.");
script_set_attribute(attribute:"see_also", value:"https://www.vmware.com/us/security/advisories/VMSA-2018-0022.html");
script_set_attribute(attribute:"solution", value:
"Upgrade to VMware Workstation version 14.1.3 or later.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-6973");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/14");
script_set_attribute(attribute:"patch_publication_date", value:"2018/08/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/20");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:vmware:workstation");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("vmware_workstation_detect.nasl");
script_require_keys("SMB/Registry/Enumerated", "installed_sw/VMware Workstation");
exit(0);
}
include('vcf.inc');
get_kb_item_or_exit('SMB/Registry/Enumerated');
var app_info = vcf::get_app_info(app:'VMware Workstation', win_local:TRUE);
vcf::check_granularity(app_info:app_info, sig_segments:2);
var constraints = [
{ 'min_version' : '14.0', 'fixed_version' : '14.1.3'}
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| vmware | workstation | cpe:/a:vmware:workstation |
Related
cve
cve
CVE-2018-6973
2018-08-15 12:29:00
nessus
nessus
VMware Player 14.x < 14.1.3 Out-of-Bounds Write (VMSA-2018-022)
2018-08-20 00:00:00
zdi
zdi
VMware Workstation e1000 Buffer Overflow Privilege Escalation Vulnerability
2018-09-17 00:00:00
prion
prion
Out-of-bounds
2018-08-15 12:29:00
vmware
vmware
VMware Workstation and Fusion updates address an out-of-bounds write issue
2018-08-14 00:00:00
kaspersky
kaspersky
KLA11304 Multiple vulnerabilities in VMware products
2018-08-14 00:00:00
Related for VMWARE_WORKSTATION_WIN_VMSA_2018_0022.NASL