Vulnerabilities > CVE-2018-6973 - Out-of-bounds Write vulnerability in VMWare Fusion and Workstation
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds write vulnerability in the e1000 device. This issue may allow a guest to execute code on the host.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 |
Common Weakness Enumeration (CWE)
Nessus
NASL family Windows NASL id VMWARE_WORKSTATION_WIN_VMSA_2018_0022.NASL description The version of VMware Workstation installed on the remote Windows host is 14.x prior to 14.1.3. It is, therefore, missing a security update that fixes an out-of-bounds write vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 111979 published 2018-08-20 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111979 title VMware Workstation 14.x < 14.1.3 Out-of-Bounds Write (VMSA-2018-0022) NASL family General NASL id VMWARE_WORKSTATION_LINUX_VMSA_2018_0022.NASL description The version of VMware Workstation installed on the remote Linux host is 14.x prior to 14.1.3. It is, therefore, missing a security update that fixes an out-of-bounds write vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 111976 published 2018-08-20 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111976 title VMware Workstation 14.x < 14.1.3 Out-of-Bounds Write (VMSA-2018-0022) (Linux) NASL family General NASL id VMWARE_PLAYER_LINUX_VMSA_2018_0022.NASL description The version of VMware Player installed on the remote Linux host is 14.x prior to 14.1.3. It is, therefore, missing a security update that fixes an out-of-bounds write vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 111975 published 2018-08-20 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111975 title VMware Player 14.x < 14.1.3 Out-of-Bounds Write (VMSA-2018-022) (Linux) NASL family Windows NASL id VMWARE_PLAYER_WIN_VMSA_2018_0022.NASL description The version of VMware Player installed on the remote Windows host is 14.x prior to 14.1.3. It is, therefore, missing a security update that fixes an out-of-bounds write vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 111978 published 2018-08-20 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111978 title VMware Player 14.x < 14.1.3 Out-of-Bounds Write (VMSA-2018-022) NASL family MacOS X Local Security Checks NASL id MACOSX_FUSION_VMSA_2018_0022.NASL description The version of VMware Fusion installed on the remote macOS or Mac OS X host is 10.x prior to 10.1.3. It is, therefore, missing a security update that fixes an out-of-bounds write vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 111977 published 2018-08-20 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111977 title VMware Fusion 10.x < 10.1.3 Out-of-Bounds Write Vulnerabilities (VMSA-2018-0022) (macOS)