Security News > 2015 > July > VMware fixes host privilege escalation bug in Workstation, Player, Horizon View (Help Net Security)

VMware fixes host privilege escalation bug in Workstation, Player, Horizon View (Help Net Security)

2015-07-10 11:42

VMware has issued software updates for VMware Workstation, Player, and Horizon View Client for Windows, which fix relatively serious a host privilege escalation vulnerability (CVE-2015-3650). Repor...

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/_QSh-lBETWM/secworld.php

#security #vmware #CVE-2015-3650

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2015-07-10	CVE-2015-3650	Improper Access Control vulnerability in VMWare Horizon View Client, Player and Workstation vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 and 11.x before 11.1.1, VMware Player 5.x and 6.x before 6.0.7 and 7.x before 7.1.1, and VMware Horizon Client 5.x local-mode before 5.4.2 on Windows does not provide a valid DACL pointer during the setup of the vprintproxy.exe process, which allows host OS users to gain host OS privileges by injecting a thread. local low complexity vmware CWE-284	7.2

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Vmware		186	83	403	198	101	785

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.