Kaspersky Threats

KLA10597
Multiple vulnerabilities in VMware products

Updated: 11/06/2018

CVSS ?	7.8
Detect date ?	06/09/2015
Severity ?	Critical
Description	Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities Improper memory allocation can be exploited locally via an unknown vectors; Improper input validation can be exploited locally via vectors related to RPC.
Affected products	VMware Workstation 11 versions earlier than 11.1.1 VMware Workstation 10 versions earlier than 10.0.6 VMware Player 7 versions earlier than 7.1.1 VMware Player 6 versions earlier than 6.0.6 VMware Horizon Client for Windows 3.3 versions earlier than 3.4.0 VMware Horizon Client for Windows 3.2 versions earlier than 3.2.1 VMware Fusion 7 versions earlier than 7.0.1 VMware Fusion 6 versions earlier than 6.0.6
Solution	Update to the latest version Get VMware products
Original advisories	VMware bulletin
Impacts ?	ACE [?] DoS [?]
Related products	VMware Workstation VMware Player VMware Fusion VMware Horizon View Client
CVE-IDS ?	CVE-2015-2337 CVE-2015-2336 CVE-2015-2339 CVE-2012-0897 CVE-2015-2341 CVE-2015-2340 CVE-2015-2338