7 matches found
Security Bulletin: Open Source VMware Fusion Vulnerabilities in IBM Pure Application System (CVE-2017-4903, CVE-2017-4904, CVE-2017-4905)
Summary Multiple vulnerabilities in Open Source VMware affects IBM PureApplication System. IBM PureApplication System has addressed Common Vulnerabilities Exposures CVE-2017-4903, CVE-2017-4904, CVE-2017-4905. Additionally this bulletin includes information about the release of fix for Common...
CVE-2017-4904
The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; an...
CVE-2017-4904
CVE-2017-4904 concerns VMware products with uninitialized memory usage in the XHCI controller, potentially allowing a guest to execute code on the host. Affected: VMware ESXi (versions 5.5 and later) without patches ESXi650-201703410-SG, ESXi600-201703401-SG, ESXi600-201703403-SG, ESXi600-2017034...
ESXi 6.5 < Build 5224529 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)
The version of the remote VMware ESXi 6.5 host is prior to build 5224529. It is, therefore, affected by multiple vulnerabilities : - A stack memory initialization flaw exists that allows an attacker on the guest to execute arbitrary code on the host. CVE-2017-4903 - An unspecified flaw exists in...
VMware Workstation 12.x < 12.5.5 Multiple Vulnerabilities (VMSA-2017-0006) (Linux)
The version of VMware Workstation installed on the remote Linux host is 12.x prior to 12.5.5. It is, therefore, affected by multiple vulnerabilities : - A heap buffer overflow condition exists due to improper validation of certain input. An attacker on the guest can exploit this to cause a denial...
VMSA-2017-0006 : VMware ESXi, Workstation and Fusion updates address critical and moderate security issues
a. ESXi, Workstation, Fusion SVGA memory corruption ESXi, Workstation, Fusion have a heap buffer overflow and uninitialized stack memory usage in SVGA. These issues may allow a guest to execute code on the host. VMware would like to thank ZDI and Team 360 Security from Qihoo for reporting these...
VMware Fusion 8.x < 8.5.6 Multiple Vulnerabilities (VMSA-2017-0006) (macOS)
The version of VMware Fusion installed on the remote macOS or Mac OS X host is 8.x prior to 8.5.6. It is, therefore, affected by multiple vulnerabilities : - A heap buffer overflow condition exists due to improper validation of certain input. An attacker on the guest can exploit this to cause a...