CVE-2016-2077

9.8CRITICAL

Key Information:

Vendor: Vmware
Status: Player
Vendor: CVE Published:; 18 May 2016

Summary

VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly access an executable file, which allows host OS users to gain host OS privileges via unspecified vectors.

References

http://www.securitytracker.com/id/1035900

vdb-entryx_refsource_SECTRACK

http://www.vmware.com/security/advisories/VMSA-2016-0005....

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 18, 2016
Vulnerability Reserved
Jan 26, 2016