CVE-2015-2340 — Vmware Fusion vulnerability

CWE-3993 documents3 sources

Severity

6.1MEDIUMNVD

EPSS

0.1%

top 65.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Fusion Vmware Horizon Client Vmware Horizon View Client +2 more

Timeline

PublishedJun 13

Latest updateMay 17

Description

TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors.

CVSS vector

AV:A/AC:L/C:N/I:N/A:CExploitability: 6.5 | Impact: 6.9

Affected Packages5 packages

▶NVDvmware/horizon_client3.2.0, 3.3+1

▶NVDvmware/horizon_view_client5.4, 5.4.1+1

▶NVDvmware/player8 versions+7

▶NVDvmware/workstation8 versions+7

▶NVDvmware/fusion8 versions+7

Patches

Patch: www.vmware.com ↗Patch: www.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-9r4f-v5jq-fc8w: TPInt↗2022-05-17

▶

CVEList

CVE-2015-2340: TPInt↗2015-06-13

▶