漏洞类别:Local
漏洞等级: 
漏洞信息
VMware Workstation is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems.
A DLL hijacking vulnerability is present in the VMware Tools "Shared Folders" (HGFS) feature running on Microsoft Windows.
Affected Version
VMware Workstation Pro 12.1.x before 12.1.1,
VMware Workstation Player 12.1.x before 12.1.1, and
VMware Fusion 8.1.x before 8.1.1
漏洞危害
Exploitation of this issue may lead to arbitrary code execution with the privileges of the victim.
In order to exploit this issue, the attacker would need write access to a network share and they would need to entice the local user into opening their document.
解决方案
Upgrade VMware Workstation Pro, VMware Workstation Player to version 12.1.1 and VMware Fusion to version 8.1.1
Make sure Vmware Tools have version 10.0.6**
Refer to VMSA-2016-0010 for further details. Workaround:
There are no known workarounds for this issue.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论