Integer-overflow vulnerability in VMWare Workstation and Player - CVE-2017-4950| ID: oval:org.secpod.oval:def:82285 | Date: (C)2022-07-22 (M)2022-07-22 |
| Class: VULNERABILITY | Family: windows |
The host is installed with VMware Workstation 14.x before 14.1.1 or 12.x before 12.5.9, VMware Player 14.x before 14.1.1 or 12.x before 12.5.9 and is prone to an integer overflow vulnerability. A flaw is present in the application which fails to handle VMware NAT service when IPv6 mode is enabled. Successful exploitation may allow attackers to lead to an out-of-bound read which can then be used to execute code on the host in conjunction with other issues.
| Platform: |
| Microsoft Windows Server 2022 |
| Microsoft Windows 11 |
| Microsoft Windows Server 2019 |
| Microsoft Windows 10 |
| Microsoft Windows 7 |
| Microsoft Windows 8.1 |
| Microsoft Windows Server 2008 |
| Microsoft Windows Server 2008 R2 |
| Microsoft Windows Server 2012 |
| Microsoft Windows Server 2012 R2 |
| Microsoft Windows Server 2016 |
| Product: |
| VMware Workstation |
| VMware Player |
