漏洞类别:Local
漏洞等级: 
漏洞信息
VMware Workstation is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems.
The drag-and-drop (DnD) function in VMware Workstation and Fusion has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion.
Affected Version
VMware Workstation Pro 12.x.x before 12.5.2,
VMware Workstation Player 12.x.x before 12.5.2, and
VMware Fusion 8.x.x before 8.5.2
漏洞危害
On successful exploitation it allows a guest to execute code on the operating system that runs Workstation or Fusion.
解决方案
Upgrade VMware Workstation Pro, VMware Workstation Player to version 12.5.2 and VMware Fusion to version 8.5.2
Refer to VMSA-2016-0019 for further details.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论