Vulnerability Name: | CVE-2016-2077 (CCN-113298) | ||||||||||||
Assigned: | 2016-05-17 | ||||||||||||
Published: | 2016-05-17 | ||||||||||||
Updated: | 2016-12-01 | ||||||||||||
Summary: | VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly access an executable file, which allows host OS users to gain host OS privileges via unspecified vectors. | ||||||||||||
CVSS v3 Severity: | 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
8.1 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||
Vulnerability Type: | CWE-264 | ||||||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2016-2077 Source: SECTRACK Type: UNKNOWN 1035900 Source: CCN Type: VMware Security Advisory VMSA-2016-0005 VMware product updates address critical and important security issues Source: CONFIRM Type: Vendor Advisory http://www.vmware.com/security/advisories/VMSA-2016-0005.html Source: XF Type: UNKNOWN vmware-workstation-cve20162077-priv-esc(113298) | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Denotes that component is vulnerable | ||||||||||||
BACK |