| Vulnerability Name: | CVE-2015-2336 (CCN-103732) | ||||||||
| Assigned: | 2015-06-09 | ||||||||
| Published: | 2015-06-09 | ||||||||
| Updated: | 2016-12-31 | ||||||||
| Summary: | TPView.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors, a different vulnerability than CVE-2012-0897. | ||||||||
| CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 5.8 Medium (CVSS v2 Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P) 4.3 Medium (Temporal CVSS v2 Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-399 | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2015-2336 Source: BID Type: UNKNOWN 75095 Source: SECTRACK Type: UNKNOWN 1032529 Source: SECTRACK Type: UNKNOWN 1032530 Source: CCN Type: VMware Security Advisory VMSA-2015-0004 VMware Workstation, Fusion and Horizon View Client updates address critical security issues Source: CONFIRM Type: Patch, Vendor Advisory http://www.vmware.com/security/advisories/VMSA-2015-0004.html Source: XF Type: UNKNOWN vmware-cve20152336-code-exec(103732) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||