CVE-2015-2341

VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, and VMware Fusion 6.x before 6.0.6 and 7.x before 7.0.1 allow attackers to cause a denial of service against a 32-bit guest OS or 64-bit host OS via a crafted RPC command.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.securityfocus.com/bid/75094
http://www.securitytracker.com/id/1032530
http://www.vmware.com/security/advisories/VMSA-2015-0004.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/75094
http://www.securitytracker.com/id/1032530
http://www.vmware.com/security/advisories/VMSA-2015-0004.html	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:vmware:fusion:6.0:::::::*
	cpe:2.3:a:vmware:fusion:6.0.1:::::::*
	cpe:2.3:a:vmware:fusion:6.0.2:::::::*
	cpe:2.3:a:vmware:fusion:6.0.3:::::::*
	cpe:2.3:a:vmware:fusion:6.0.4:::::::*
	cpe:2.3:a:vmware:fusion:6.0.5:::::::*
	cpe:2.3:a:vmware:fusion:7.0:::::::*
	cpe:2.3:a:vmware:fusion:7.0.1:::::::*
	cpe:2.3:a:vmware:fusion:7.1.0:::::::*
	cpe:2.3:a:vmware:fusion:7.1.1:::::::*
	cpe:2.3:a:vmware:player:6.0:::::::*
	cpe:2.3:a:vmware:player:6.0.1:::::::*
	cpe:2.3:a:vmware:player:6.0.2:::::::*
	cpe:2.3:a:vmware:player:6.0.3:::::::*
	cpe:2.3:a:vmware:player:6.0.4:::::::*
	cpe:2.3:a:vmware:player:6.0.5:::::::*
	cpe:2.3:a:vmware:workstation:10.0:::::::*
	cpe:2.3:a:vmware:workstation:10.0.1:::::::*
	cpe:2.3:a:vmware:workstation:10.0.2:::::::*
	cpe:2.3:a:vmware:workstation:10.0.3:::::::*
	cpe:2.3:a:vmware:workstation:10.0.4:::::::*

History

21 Nov 2024, 02:27

Type	Values Removed	Values Added
References	~~() http://www.securityfocus.com/bid/75094 -~~	() http://www.securityfocus.com/bid/75094 -
References	~~() http://www.securitytracker.com/id/1032530 -~~	() http://www.securitytracker.com/id/1032530 -
References	~~() http://www.vmware.com/security/advisories/VMSA-2015-0004.html - Patch, Vendor Advisory~~	() http://www.vmware.com/security/advisories/VMSA-2015-0004.html - Patch, Vendor Advisory

Information

Published : 2015-06-13 14:59

Updated : 2024-11-21 02:27

NVD link : CVE-2015-2341

Mitre link : CVE-2015-2341

CVE.ORG link : CVE-2015-2341

JSON object : View

Products Affected

vmware

player
workstation
fusion

CWE

CWE-20

Improper Input Validation

7.8 /10