Vulnerabilities > CVE-2017-4916 - NULL Pointer Dereference vulnerability in VMWare Workstation Player and Workstation PRO

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

vmware

microsoft

CWE-476

nessus

exploit available

NVD

Published: 2017-05-22

Updated: 2017-08-13

Summary

VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation of this issue may allow host users with normal user privileges to trigger a denial-of-service in a Windows host machine.

Vulnerable Configurations

Part	Description	Count
Application	Vmware Vmware Workstation Player 12.0.0 Vmware Workstation PRO 12.0.0	2
OS	Microsoft Microsoft Windows -	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Exploit-Db

description	VMware Workstation 12 Pro - Denial of Service. CVE-2017-4916. Dos exploit for Windows platform
file	exploits/windows/dos/42140.c
id	EDB-ID:42140
last seen	2017-06-08
modified	2017-06-08
platform	windows
port
published	2017-06-08
reporter	Exploit-DB
source	https://www.exploit-db.com/download/42140/
title	VMware Workstation 12 Pro - Denial of Service
type	dos

Nessus

NASL family	Windows
NASL id	VMWARE_WORKSTATION_WIN_VMSA_2017_0009.NASL
description	The version of VMware Workstation installed on the remote Windows host is 12.x prior to 12.5.5. It is, therefore, affected by a NULL pointer dereference flaw in the vstor2 driver. A local attacker can exploit this to cause a denial of service condition.
last seen	2020-06-01
modified	2020-06-02
plugin id	100418
published	2017-05-25
reporter	This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/100418
title	VMware Workstation 12.x < 12.5.6 vstor2 Driver NULL Pointer Dereference DoS (VMSA-2017-0009)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(100418); script_version("1.7"); script_cvs_date("Date: 2019/11/13"); script_cve_id("CVE-2017-4916"); script_bugtraq_id(98560); script_xref(name:"VMSA", value:"2017-0009"); script_name(english:"VMware Workstation 12.x < 12.5.6 vstor2 Driver NULL Pointer Dereference DoS (VMSA-2017-0009)"); script_summary(english:"Checks the VMware Workstation version."); script_set_attribute(attribute:"synopsis", value: "A virtualization application installed on the remote Windows host is affected by a denial of service vulnerability."); script_set_attribute(attribute:"description", value: "The version of VMware Workstation installed on the remote Windows host is 12.x prior to 12.5.5. It is, therefore, affected by a NULL pointer dereference flaw in the vstor2 driver. A local attacker can exploit this to cause a denial of service condition."); script_set_attribute(attribute:"see_also", value:"https://www.vmware.com/security/advisories/VMSA-2017-0009.html"); script_set_attribute(attribute:"solution", value: "Upgrade to VMware Workstation version 12.5.6 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-4916"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/05/18"); script_set_attribute(attribute:"patch_publication_date", value:"2017/05/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/25"); script_set_attribute(attribute:"potential_vulnerability", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:vmware:workstation"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("vmware_workstation_detect.nasl"); script_require_keys("SMB/Registry/Enumerated", "installed_sw/VMware Workstation", "Settings/ParanoidReport"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("install_func.inc"); include("misc_func.inc"); if (report_paranoia < 2) audit(AUDIT_PARANOID); get_kb_item_or_exit("SMB/Registry/Enumerated"); appname = 'VMware Workstation'; install = get_single_install(app_name:appname, exit_if_unknown_ver:TRUE); version = install['version']; path = install['path']; fix = ''; if (version =~ "^12\.") fix = "12.5.6"; if (!empty(fix) && ver_compare(ver:version, fix:fix, strict:FALSE) < 0) { port = get_kb_item("SMB/transport"); if (!port) port = 445; report = '\n Path : ' + path + '\n Installed version : ' + version + '\n Fixed version : ' + fix + '\n'; security_report_v4(port:port, extra:report, severity:SECURITY_WARNING); } else audit(AUDIT_INST_PATH_NOT_VULN, appname, version, path);

Packetstorm

data source	https://packetstormsecurity.com/files/download/142868/vmwarews12pro-dos.txt
id	PACKETSTORM:142868
last seen	2017-06-09
published	2017-06-08
reporter	Borja Merino
source	https://packetstormsecurity.com/files/142868/VMware-Workstation-12-Pro-Denial-Of-Service.html
title	VMware Workstation 12 Pro Denial Of Service