Arbitrary code execution and denial of service vulnerability in VMware products

Описание

An unspecified vulnerability was found in VMware Workstation Pro 12.x before 12.5.2, VMware Workstation Player 12.x before 12.5.2 and VMware Fusion, Fusion Pro 8.x before 8.5.2. By exploiting this vulnerability malicious users can execute arbitrary code on the host OS or cause a denial of service. This vulnerability can be exploited remotely via unspecified vectors.

---

Technical details

This vulnerability was found in the drag-and-drop (DnD) function.

Первичный источник обнаружения

• VMSA-2016-0019
  

Связанные продукты

• VMware-Workstation
• VMware-Player
• VMware-Fusion

Список CVE

• CVE-2016-7461
  high

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com