| Vulnerability Name: | CVE-2015-2338 (CCN-103734) | ||||||||
| Assigned: | 2015-06-09 | ||||||||
| Published: | 2015-06-09 | ||||||||
| Updated: | 2016-12-31 | ||||||||
| Summary: | TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2339. | ||||||||
| CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 6.1 Medium (CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C) 4.5 Medium (Temporal CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-399 | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2015-2338 Source: BID Type: UNKNOWN 75092 Source: SECTRACK Type: UNKNOWN 1032529 Source: SECTRACK Type: UNKNOWN 1032530 Source: CCN Type: VMware Security Advisory VMSA-2015-0004 VMware Workstation, Fusion and Horizon View Client updates address critical security issues Source: CONFIRM Type: Patch, Vendor Advisory http://www.vmware.com/security/advisories/VMSA-2015-0004.html Source: XF Type: UNKNOWN vmware-cve20152338-code-exec(103734) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||