CVE-2018-6963NULL Pointer Dereference in Vmware Fusion

CWE-476NULL Pointer Dereference3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 80.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Vmware FusionVmware Workstation
Timeline
PublishedMay 22
Latest updateMay 14

Description

VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges on the guest machine trigger a denial-of-Service of their guest machine.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDvmware/fusion10.010.1.2
NVDvmware/workstation14.014.1.2
CVEListV5vmware/fusion10.x before 10.1.2
CVEListV5vmware/workstation14.x before 14.1.2

Patches

Patch: www.vmware.comPatch: www.vmware.com

🔴Vulnerability Details

2
GHSA
GHSA-68fh-262x-p9gv: VMware Workstation (142022-05-14
CVEList
CVE-2018-6963: VMware Workstation (142018-05-22
CVE-2018-6963 — NULL Pointer Dereference in Vmware | cvebase