Uninitialized Stack Memory Vulnerability in VMware ESXi and Workstation Products
CVE-2017-4903

8.8HIGH

Key Information:

Vendor

Vmware
Status
Esxi
Workstation Pro / Player
Fusion Pro / Fusion
Vendor
CVE Published:
7 June 2017

What is CVE-2017-4903?

The vulnerability in VMware ESXi and Workstation products arises from uninitialized stack memory usage in the SVGA component. This flaw can potentially permit a guest operating system to execute arbitrary code on the host system, posing a significant risk to system integrity and security. It is crucial for users of affected versions to apply the appropriate patches to mitigate the associated risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ESXi 6.5 without patch ESXi650-201703410-SG

ESXi 6.0 U3 without patch ESXi600-201703401-SG

ESXi 6.0 U2 without patch ESXi600-201703403-SG

References

http://www.securityfocus.com/bid/97160
vdb-entryx_refsource_BID
http://www.vmware.com/security/advisories/VMSA-2017-0006....
x_refsource_CONFIRM
http://www.securitytracker.com/id/1038148
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.