CVE-2014-2384

CWE-3997 documents5 sources
Severity
4.9MEDIUM
EPSS
0.0%
top 89.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Vmware PlayerVmware Workstation
Timeline
PublishedApr 15
Latest updateMay 17

Description

vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports "Vendor rated issue as non-exploitable."

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages2 packages

NVDvmware/player6.0.1_build_1379776
NVDvmware/workstation10.0.1_build_1379776

🔴Vulnerability Details

3
GHSA
GHSA-qwfr-2j72-wc9f: vmx862022-05-17
OSV
icu vulnerabilities2015-03-05
CVEList
CVE-2014-2384: vmx862014-04-15
CVE-2014-2384 (MEDIUM CVSS 4.9) | vmx86.sys in VMware Workstation 10. | cvebase.io