漏洞类别:Local
漏洞等级: 
漏洞信息
VMware Workstation is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems.
VMware Workstation update addresses multiple security issues
a. VMware Workstation DLL loading vulnerability
b. VMware Workstation SVGA driver vulnerability
c. VMware Workstation NULL pointer dereference vulnerability
Affected Versions
VMware Workstation Pro 12.x
VMware Workstation Player 12.x
漏洞危害
Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed.(CVE-2017-4898)
An attacker may exploit this issue to crash the VM or trigger an out-of-bound read. (CVE-2017-4899)
Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. (CVE-2017-4900)
解决方案
Vendor has released fix to these issues (12.5.3). For more details refer this advisory VMSA-2017-0003
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论