5 matches found
CVE-2017-4905
CVE-2017-4905 affects VMware ESXi (multiple versions) and VMware Workstation/Fusion up to specific builds, caused by uninitialized memory usage that could leak information. Connected documents provide concrete details: affected products/versions, the root cause (uninitialized memory), and impact ...
CVE-2017-4903
CVE-2017-4903 corresponds to an uninitialized stack memory usage in SVGA affecting VMware products. Affected: ESXi 6.5 and older 6.x/5.5 builds listed as without patches (e.g., ESXi650-201703410-SG; ESXi600-201703401-SG; ESXi600-201703403-SG; ESXi600-201703402-SG; ESXi550-201703401-SG); Workstati...
CVE-2017-4902
CVE-2017-4902 refers to a Heap Buffer Overflow in SVGA that can allow a guest to execute code on the host. Affected products are: VMware ESXi 6.5 (without patch ESXi650-201703410-SG) and ESXi 5.5 (without patch ESXi550-201703401-SG); VMware Workstation Pro/Player 12.x before 12.5.5; VMware Fusion...
CVE-2017-4904
CVE-2017-4904 concerns VMware products with uninitialized memory usage in the XHCI controller, potentially allowing a guest to execute code on the host. Affected: VMware ESXi (versions 5.5 and later) without patches ESXi650-201703410-SG, ESXi600-201703401-SG, ESXi600-201703403-SG, ESXi600-2017034...
CVE-2016-7461
CVE-2016-7461 affects VMware desktop products via a drag-and-drop (DnD) and copy-paste (CnP) memory handling bug in the DnD/CnP RPC path. The issue allows a guest OS user to execute arbitrary code on the host or cause a host DoS through an out-of-bounds memory access. Affected: VMware Workstation...