Memory Allocation Flaw in VMware Workstation and Player
CVE-2015-2336

Currently unrated

Key Information:

Vendor: Vmware
Status: Player; Workstation; Fusion
Vendor: CVE Published:; 13 June 2015

Summary

A vulnerability exists in TPView.dll within certain versions of VMware Workstation, Player, and Horizon Client that fail to properly allocate memory. This oversight allows users of guest operating systems to execute arbitrary code on the host operating system through unspecified vectors, potentially compromising the system's integrity and security.

References

http://www.securitytracker.com/id/1032529

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/75095

vdb-entryx_refsource_BID

http://www.vmware.com/security/advisories/VMSA-2015-0004....

x_refsource_CONFIRM

Timeline

Vulnerability published
Jun 13, 2015
Vulnerability Reserved
Mar 18, 2015