7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.943 High
EPSS
Percentile
99.2%
a. VMware Workstation and Horizon Client memory manipulation issuesVMware Workstation and Horizon Client TPView.dll and TPInt.dll incorrectly handle memory allocation. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon Client.VMware would like to thank Kostya Kortchinsky of the Google Security Team for reporting these issues to us.The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2012-0897 and CVE-2015-2336 (TPView.dll Code Execution), CVE-2015-2338 and CVE-2015-2339 (TPview.dll DoS), CVE-2015-2337 (TPInt.dll Code Execution), and CVE-2015-2340 (TPInt.dll DoS) to these issues.Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0897
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2336
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2337
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2338
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2339
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2340
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2341