Lucene search
K

7 matches found

Exploit DB
Exploit DB
added 2019/06/06 12:0 a.m.53 views

VMware WorkStation 12.5.3 - Virtual Machine Escape

VMware Escape Exploit VMware Escape Exploit before VMware WorkStation 12.5.3 Host Target: Win10 x64 Compiler: VS2013 Test on VMware 12.5.2 build-4638234 Known issues Failing to heap manipulation causes host process crash. About 50% successful rate Not quite elaborate because I'm not good at doing...

7.3AI score
Exploits0
OSV
OSV
added 2017/06/08 1:29 p.m.3 views

CVE-2017-4901

The drag-and-drop DnD function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion...

9.9CVSS6AI score
Exploits0References3
CVE
CVE
added 2017/06/08 1:0 p.m.193 views

CVE-2017-4901

The CVE-2017-4901 entry relates to VMware Workstation 12.x (before 12.5.4) and VMware Fusion 8.x (before 8.5.5), where the drag-and-drop (DnD) function has an out-of-bounds memory access vulnerability. The cited sources describe a potential for a guest operating system to execute code on the host...

9.9CVSS7.3AI score0.1994EPSS
Exploits5References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2017/03/27 12:0 a.m.54 views

VMware Player 12.x < 12.5.4 Drag-and-Drop Feature Guest-to-Host Code Execution (VMSA-2017-0005) (Linux)

The version of VMware Player installed on the remote Linux host is 12.x prior to 12.5.4. It is, therefore, affected by a guest-to-host arbitrary code execution vulnerability in the drag-and-drop DND functionality due to an out-of-bounds memory access error. An attacker within a guest can exploit...

9.9CVSS9.2AI score0.1994EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2017/03/24 12:0 a.m.48 views

VMware Workstation 12.x < 12.5.4 Drag-and-Drop Feature Guest-to-Host Code Execution (VMSA-2017-0005) (Linux)

The version of VMware Workstation installed on the remote Linux host is 12.x prior to 12.5.4. It is, therefore, affected by a guest-to-host arbitrary code execution vulnerability in the drag-and-drop DND functionality due to an out-of-bounds memory access error. An attacker within a guest can...

9.9CVSS8AI score0.1994EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2017/03/24 12:0 a.m.31 views

VMware Workstation 12.x < 12.5.4 Drag-and-Drop Feature Guest-to-Host Code Execution (VMSA-2017-0005)

The version of VMware Workstation installed on the remote Windows host is 12.x prior to 12.5.4. It is, therefore, affected by a guest-to-host arbitrary code execution vulnerability in the drag-and-drop DND functionality due to an out-of-bounds memory access error. An attacker within a guest can...

9.9CVSS9.3AI score0.1994EPSS
Exploits5References2
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.43 views

KLA11037 Arbitrary code execution vulnerability in VMware products

An out-of-bounds memory access vulnerability in the DnD drag-and-drop function was found in VMware Workstation Pro and VMware Workstation Player. By exploiting this vulnerability malicious users can execute arbitrary code on the operating system running VMware Workstation Pro or VMware Workstatio...

9.9CVSS10AI score0.1994EPSS
Exploits5References5
Rows per page
Query Builder