SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   VMware Vendors:   VMware
VMware Workstation and Fusion Multiple Flaws Let Local Users on the Guest System Cause Denial of Service Conditions or Execute Arbitrary Code on the Host System
SecurityTracker Alert ID:  1039835
SecurityTracker URL:  http://securitytracker.com/id/1039835
CVE Reference:   CVE-2017-4934, CVE-2017-4935, CVE-2017-4936, CVE-2017-4937, CVE-2017-4938, CVE-2017-4939   (Links to External Site)
Updated:  Nov 19 2017
Original Entry Date:  Nov 17 2017
Impact:   Denial of service via local system, Execution of arbitrary code via local system, User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Workstation 12.x, Fusion 8.x
Description:   Multiple vulnerabilities were reported in VMware Workstation and Fusion. A local user on the guest system can cause denial of service conditions on the host system. A local user on the guest system can gain elevated privileges on the host system.

A local user on the guest system can trigger a heap overflow in the VMNAT device to execute arbitrary code on the host system [CVE-2017-4934].

A local user on the guest system can trigger an out-of-bounds memory write error in Cortado ThinPrint ('TPView.dll') to cause denial of service conditions or execute arbitrary code on the host system [CVE-2017-4935]. Systems with virtual printing enabled are affected. VMware Fusion is not affected.

A local user on the guest system can trigger an out-of-bounds memory read error in Cortado ThinPrint ('TPView.dll') in the in JPEG2000 parser to cause denial of service conditions or execute arbitrary code on the host system [CVE-2017-4936, CVE-2017-4937]. Systems with virtual printing enabled are affected. VMware Fusion is not affected.

A local user on the guest system can trigger an RPC null pointer dereference to cause the guest system to crash [CVE-2017-4938].

A local user can exploit a DLL hijacking flaw in the installer to potentially execute arbitrary code [CVE-2017-4939]. VMware Workstation 12.x on Windows is affected.

Jun Mao of Tencent PC Manager (via ZDI), Anonymous (via ZDI), Ke Liu of Tencent's Xuanwu Lab, Skyer, and Bjorn Ruytenberg reported these vulnerabilities.

Impact:   A local user on the guest system can cause denial of service conditions on the guest system.

A local user on the guest system can cause denial of service conditions on the host system.

A local user on the guest system can gain elevated privileges on the host system.

Solution:   VMware has issued a fix (Fusion 8.5.9, Workstation 12.5.8).

The VMware advisory is available at:

http://www.vmware.com/security/advisories/VMSA-2017-0018.html

Vendor URL:  www.vmware.com/security/advisories/VMSA-2017-0018.html (Links to External Site)
Cause:   Access control error, Boundary error, State error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC