Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-29 | CVE-2016-7456 | Credentials Management vulnerability in VMWare Vsphere Data Protection VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session. | 9.8 |
| 2016-12-29 | CVE-2016-7087 | Path Traversal vulnerability in VMWare Horizon View Directory traversal vulnerability in the Connection Server in VMware Horizon View 5.x before 5.3.7, 6.x before 6.2.3, and 7.x before 7.0.1 allows remote attackers to obtain sensitive information via unspecified vectors. | 5.3 |
| 2016-12-29 | CVE-2016-7086 | Permissions, Privileges, and Access Controls vulnerability in VMWare Workstation Player and Workstation PRO The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory. | 7.8 |
| 2016-12-29 | CVE-2016-7085 | Untrusted Search Path vulnerability in VMWare Workstation Player and Workstation PRO Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2016-12-29 | CVE-2016-7084 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Workstation Player and Workstation PRO tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via a JPEG 2000 image. | 7.8 |
| 2016-12-29 | CVE-2016-7083 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Workstation Player and Workstation PRO VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via TrueType fonts embedded in EMFSPOOL. | 7.8 |
| 2016-12-29 | CVE-2016-7082 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Workstation Player and Workstation PRO VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via an EMF file. | 7.8 |
| 2016-12-29 | CVE-2016-7081 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Workstation Player and Workstation PRO Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified vectors. | 7.8 |
| 2016-12-29 | CVE-2016-7080 | NULL Pointer Dereference vulnerability in VMWare Tools The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7079. | 7.8 |
| 2016-12-29 | CVE-2016-7079 | NULL Pointer Dereference vulnerability in VMWare Tools The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7080. | 7.8 |