Lucene search
Nico Golde and Ralf-Philipp WeinmannComsecuris UG (haftungsbeschraenkt)ZDI-17-738HistorySep 15, 2017 - 12:00 a.m.
VMware Workstation Shader Out-Of-Bounds Write Privilege Escalation Vulnerability
2017-09-1500:00:00
Nico Golde and Ralf-Philipp WeinmannComsecuris UG (haftungsbeschraenkt)
www.zerodayinitiative.com
15
0.003 Low
EPSS
Percentile
65.6%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the guest system in order to exploit this vulnerability. The specific flaw exists within the Shader implementation. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the host OS.
Related
openvas
openvas
VMware Workstation SVGA Device Code Execution Vulnerability - Linux
2017-09-20 00:00:00
VMware Workstation SVGA Device Code Execution Vulnerability - Windows
2017-09-20 00:00:00
VMware ESXi SVGA Device Code Execution Vulnerability (VMSA-2017-0015)
2017-09-22 00:00:00
cve
cve
CVE-2017-4924
2017-09-15 13:29:00
prion
prion
Out-of-bounds
2017-09-15 13:29:00
threatpost
threatpost
VMware Patches Bug That Allows Guest to Execute Code on Host
2017-09-15 11:51:18
nvd
nvd
CVE-2017-4924
2017-09-15 13:29:00
nessus
nessus
cvelist
cvelist
CVE-2017-4924
2017-09-14 00:00:00
vmware
vmware
myhack58
myhack58
kaspersky
kaspersky
KLA11110 Multiple vulnerabilities in VMware products
2017-09-14 00:00:00