VMware Workstation and Fusion Drag-and-Drop Vulnerability
CVE-2016-7461
8.8HIGH
Key Information:
- Vendor
Vmware
- Vendor
- CVE Published:
- 29 December 2016
What is CVE-2016-7461?
The drag-and-drop functionality in VMware Workstation Pro, Workstation Player, and Fusion allows users of guest operating systems to exploit vulnerabilities that permit execution of arbitrary code on the host operating system. This may also lead to a denial of service due to out-of-bounds memory access, impacting the stability and security of the host environment. Monitor your VMware installations to ensure they are updated to the latest versions to mitigate risks associated with this vulnerability.