CVE-2017-4902
published 2017-06-07CVE-2017-4902: VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro /…
high8.8CVSS 3.1
AVLACLPRLUINSCCHIHAH
VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | esxi | — | — |
| vmware | esxi | — | — |
| vmware | esxi | — | — |
| vmware | esxi | — | — |
| vmware | fusion | >= 8.0.0 < 8.5.6 | 8.5.6 |
| vmware | fusion_pro | — | — |
| vmware | fusion_pro | >= 8.0.0 < 8.5.6 | 8.5.6 |
| vmware | fusion_pro_fusion | — | — |
| vmware | vmware_esxi | — | — |
| vmware | vmware_fusion | — | — |
| vmware | vmware_workstation | — | — |
| vmware | workstation_player | — | — |
| vmware | workstation_player | >= 12.0.0 < 12.5.5 | 12.5.5 |
| vmware | workstation_pro | — | — |
| vmware | workstation_pro | >= 12.0.0 < 12.5.5 | 12.5.5 |
| vmware | workstation_pro_player | — | — |