Arbitrary code execution vulnerability in VMware products

Описание

An out-of-bounds memory access vulnerability in the DnD (drag-and-drop) function was found in VMware Workstation Pro and VMware Workstation Player. By exploiting this vulnerability malicious users can execute arbitrary code on the operating system running VMware Workstation Pro or VMware Workstation Player.

Первичный источник обнаружения

• VMware Security Advisory
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• VMware-Workstation
• VMware-Player

Список CVE

• CVE-2017-4901
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com