The Common Vulnerabilities and Exposures project () has assigned the identifier CVE-2016-7461 to this issue.Ĭolumn 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware would like to thank Qinghao Tang and Xinlei Ying from the 360 Marvel Team and lokihardt, all working with the organizers of PwnFest for reporting this issue to us. This workaround is not available on Workstation Player. Refer to the Reference section on documentation how to disable these functions. On Workstation Pro and Fusion, the issue cannot be exploited if both the drag-and-drop function and the copy-and-paste (C&P) function are disabled. This may allow a guest to execute code on the operating system that runs Workstation or Fusion. Change log : VMSA-2018-0004 Initial security advisory in conjunction with the release of VMware vCenter Server 5.5 U3g, 6.0 U3d and 6.5 U1e, ESXi 5.5, 6.0, and 6.5 patches and Workstation 14.1. The drag-and-drop (DnD) function in VMware Workstation and Fusion has an out-of-bounds memory access vulnerability. VMware Workstation and Fusion out-of-bounds memory access vulnerability
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |