CVE-2017-4902

Summary

VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host.

Affected Software

VendorProductVersion RangeStatus
VMwareESXi6.5 without patch ESXi650-201703410-SGaffected
VMwareESXi5.5 without patch ESXi550-201703401-SGaffected
VMwareWorkstation Pro / Player12.x prior to 12.5.5affected
VMwareFusion Pro / Fusion8.x prior to 8.5.6affected

Weaknesses

  • Heap Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References