KLA11037
Arbitrary code execution vulnerability in VMware products
Обновлено: 26/06/2019
Дата обнаружения
14/03/2017
Уровень угрозы
Critical
Описание

An out-of-bounds memory access vulnerability in the DnD (drag-and-drop) function was found in VMware Workstation Pro and VMware Workstation Player. By exploiting this vulnerability malicious users can execute arbitrary code on the operating system running VMware Workstation Pro or VMware Workstation Player.

Пораженные продукты

VMware Workstation Pro 12.x before 12.5.4
VMware Workstation Player 12.x before 12.5.4

Решение

Update to the latest version
Download VMware Workstation Pro

Первичный источник обнаружения
VMware Security Advisory
Оказываемое влияние
?
ACE 
[?]
Связанные продукты
VMware Workstation
VMware Player
CVE-IDS
CVE-2017-49017.5Critical