ID CVE-2015-2338
Summary TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2339.
References
Vulnerable Configurations
  • cpe:2.3:a:vmware:horizon_client:3.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:horizon_client:3.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:horizon_client:3.3:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:horizon_client:3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:horizon_view_client:5.4:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:horizon_view_client:5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:horizon_view_client:5.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:horizon_view_client:5.4.1:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:6.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:6.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:6.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:6.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:6.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:6.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:player:6.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:player:6.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:10.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:10.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*
CVSS
Base: 6.1 (as of 31-12-2016 - 02:59)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:A/AC:L/Au:N/C:N/I:N/A:C
refmap via4
bid 75092
confirm http://www.vmware.com/security/advisories/VMSA-2015-0004.html
sectrack
  • 1032529
  • 1032530
Last major update 31-12-2016 - 02:59
Published 13-06-2015 - 14:59
Last modified 31-12-2016 - 02:59
Back to Top