Memory Allocation Vulnerability in VMware Workstation and Player Products
CVE-2015-2338

Currently unrated

Key Information:

Vendor: Vmware
Status: Horizon Client; Horizon View Client
Vendor: CVE Published:; 13 June 2015

Summary

The TPview.dll component in VMware Workstation and Player versions exhibits a memory allocation flaw that could be exploited by guest operating system users. This vulnerability may result in a denial of service for the host operating system due to improper memory management, potentially allowing attackers to disrupt services without specific vectors identified. Affected versions include VMware Workstation 10.x, 11.x, Player 6.x, 7.x, and Horizon Client, as outlined in the security advisories.

References

http://www.securitytracker.com/id/1032529

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/75092

vdb-entryx_refsource_BID

http://www.vmware.com/security/advisories/VMSA-2015-0004....

x_refsource_CONFIRM

Timeline

Vulnerability published
Jun 13, 2015
Vulnerability Reserved
Mar 18, 2015