CVE-2017-4949
N/A
N/A
Summary
VMware Workstation and Fusion contain a use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may allow a guest to execute code on the host. Note: IPv6 mode for VMNAT is not enabled by default.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| VMware | Workstation Pro / Player | 14.x before 14.1.1 | affected |
| VMware | Workstation Pro / Player | 12.x before 12.5.9 | affected |
| VMware | Fusion | 10.x before 10.1.1 | affected |
| VMware | Fusion | 8.x before 8.5.10 | affected |
Weaknesses
- Use-after-free vulnerability
ADP Enrichment
CVE Program Container
Additional References
- http://www.securitytracker.com/id/1040161
- http://www.securityfocus.com/bid/102489
- https://www.vmware.com/security/advisories/VMSA-2018-0005.html
References
- http://www.securitytracker.com/id/1040161
- http://www.securityfocus.com/bid/102489
- https://www.vmware.com/security/advisories/VMSA-2018-0005.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.