7 matches found
VMware WorkStation 12.5.3 - Virtual Machine Escape
VMware Escape Exploit VMware Escape Exploit before VMware WorkStation 12.5.3 Host Target: Win10 x64 Compiler: VS2013 Test on VMware 12.5.2 build-4638234 Known issues Failing to heap manipulation causes host process crash. About 50% successful rate Not quite elaborate because I'm not good at doing...
CVE-2017-4901
The drag-and-drop DnD function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion...
CVE-2017-4901
The CVE-2017-4901 entry relates to VMware Workstation 12.x (before 12.5.4) and VMware Fusion 8.x (before 8.5.5), where the drag-and-drop (DnD) function has an out-of-bounds memory access vulnerability. The cited sources describe a potential for a guest operating system to execute code on the host...
VMware Player 12.x < 12.5.4 Drag-and-Drop Feature Guest-to-Host Code Execution (VMSA-2017-0005) (Linux)
The version of VMware Player installed on the remote Linux host is 12.x prior to 12.5.4. It is, therefore, affected by a guest-to-host arbitrary code execution vulnerability in the drag-and-drop DND functionality due to an out-of-bounds memory access error. An attacker within a guest can exploit...
VMware Workstation 12.x < 12.5.4 Drag-and-Drop Feature Guest-to-Host Code Execution (VMSA-2017-0005) (Linux)
The version of VMware Workstation installed on the remote Linux host is 12.x prior to 12.5.4. It is, therefore, affected by a guest-to-host arbitrary code execution vulnerability in the drag-and-drop DND functionality due to an out-of-bounds memory access error. An attacker within a guest can...
VMware Workstation 12.x < 12.5.4 Drag-and-Drop Feature Guest-to-Host Code Execution (VMSA-2017-0005)
The version of VMware Workstation installed on the remote Windows host is 12.x prior to 12.5.4. It is, therefore, affected by a guest-to-host arbitrary code execution vulnerability in the drag-and-drop DND functionality due to an out-of-bounds memory access error. An attacker within a guest can...
KLA11037 Arbitrary code execution vulnerability in VMware products
An out-of-bounds memory access vulnerability in the DnD drag-and-drop function was found in VMware Workstation Pro and VMware Workstation Player. By exploiting this vulnerability malicious users can execute arbitrary code on the operating system running VMware Workstation Pro or VMware Workstatio...