CVE-2017-4901
published 2017-06-08CVE-2017-4901: The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access…
critical9.9CVSS 3.0
AVNACLPRLUINSCCHIHAH
EXPLOIT
The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion.
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | esxi | — | — |
| vmware | fusion | — | — |
| vmware | fusion | — | — |
| vmware | fusion | — | — |
| vmware | fusion | — | — |
| vmware | fusion | — | — |
| vmware | fusion | — | — |
| vmware | fusion | — | — |
| vmware | fusion | — | — |
| vmware | fusion | — | — |
| vmware | fusion | — | — |
| vmware | fusion_pro | — | — |
| vmware | fusion_pro_fusion | — | — |
| vmware | vmware_fusion | — | — |
| vmware | vmware_workstation | — | — |
| vmware | workstation | — | — |
| vmware | workstation | — | — |
| vmware | workstation | — | — |
| vmware | workstation | — | — |
| vmware | workstation | — | — |
| vmware | workstation | — | — |
| vmware | workstation | — | — |
| vmware | workstation | — | — |
| vmware | workstation_player | — | — |
| vmware | workstation_pro | — | — |