Multiple vulnerabilities in VMware products

Описание

Multiple serious vulnerabilities have been found in VMware Workstation and VMware Fusion. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled can be exploited remotely to execute arbitrary code;
2. An integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled can be exploited remotely to execute arbitrary code;

Первичный источник обнаружения

• VMSA-2018-0005
  

Связанные продукты

• VMware-Workstation
• VMware-Fusion

Список CVE

• CVE-2017-4949
  high
• CVE-2017-4950
  high

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com