Lucene search
Pwn2carZDI-24-494HistoryMay 22, 2024 - 12:00 a.m.
VMware Workstation SVGA Heap-based Buffer Overflow Remote Code Execution Vulnerability
2024-05-2200:00:00
Pwn2car
www.zerodayinitiative.com
3
vulnerability
remote code execution
vmware workstation
svga
heap-based
buffer overflow
hypervisor
guest system
user interaction
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Workstation. User interaction is required to exploit this vulnerability in that the target in a guest system must visit a malicious page or open a malicious file. The specific flaw exists within the SVGA virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the hypervisor.
Related
nvd
nvd
CVE-2024-22268
2024-05-14 16:16:07
cve
cve
CVE-2024-22268
2024-05-14 16:16:07
vulnrichment
vulnrichment
CVE-2024-22268
2024-05-14 12:58:50
cvelist
cvelist
CVE-2024-22268
2024-05-14 12:58:50
nessus
nessus
VMware Workstation 17.0.x < 17.5.2 Multiple Vulnerabilities (VMSA-2024-0010)
2024-05-16 00:00:00
VMware Fusion 13.0.x < 13.5.2 Multiple Vulnerabilities (VMSA-2024-0010)
2024-05-16 00:00:00
openvas
openvas
VMware Workstation Multiple Vulnerabilities (VMSA_2024_0010) - Windows
2024-05-23 00:00:00
VMware Workstation Multiple Vulnerabilities (VMSA_2024_0010) - Linux
2024-05-23 00:00:00
VMware Fusion Multiple Vulnerabilities (VMSA_2024_0010) - Mac OS X
2024-05-23 00:00:00
thn
thn
VMware Patches Severe Security Flaws in Workstation and Fusion Products
2024-05-14 15:49:00