KLA11457
Multiple vulnerabilities in VMware Workstation and Fusion
Обновлено: 26/06/2019
Дата обнаружения
28/03/2019
Уровень угрозы
Critical
Описание

Multiple vulnerabilities were found in VMware Workstation and Fusion. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code and cause denial of service.

Below is a complete list of vulnerabilities:

  1. Security vulnerability in VMware Fusion can be exploited to bypass security restrictions;
  2. Out-of-bounds write vulnerability in VMware Workstation and Fusion can be exploited to cause denial of service and potentially execute arbitrary code;
  3. Out-of-bounds read/write vulnerability in VMware Workstation and Fusion can be exploited to execute arbitrary code;
  4. Time-of-check Time-of-use (TOCTOU) vulnerability in VMware Workstation and Fusion can be exploited to execute arbitrary code;
  5. Out-of-bounds write vulnerability in VMware Workstation and Fusion can be exploited to execute arbitrary code;
Пораженные продукты

VMware Workstation 15.x earlier than 15.0.4
VMware Workstation 14.x earlier than 14.1.7
VMware Fusion 11.x earlier than 11.0.3
VMware Fusion 10.x earlier than 10.1.6

Решение

Update to the latest version
Download Fusion

Первичный источник обнаружения
VMSA-2019-0005
Оказываемое влияние
?
ACE 
[?]

DoS 
[?]

SB 
[?]
Связанные продукты
VMware Workstation
VMware Fusion
CVE-IDS
CVE-2019-55140.0Unknown
CVE-2019-55150.0Unknown
CVE-2019-55180.0Unknown
CVE-2019-55190.0Unknown
CVE-2019-55240.0Unknown