CVE-2018-6973Out-of-bounds Write in Vmware Fusion

CWE-787Out-of-bounds Write4 documents4 sources
Severity
8.8HIGHNVD
EPSS
0.2%
top 62.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Vmware FusionVmware Workstation
Timeline
PublishedAug 15
Latest updateMay 14

Description

VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds write vulnerability in the e1000 device. This issue may allow a guest to execute code on the host.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages4 packages

NVDvmware/fusion< 10.1.3
NVDvmware/workstation14.0.014.1.3
CVEListV5vmware/fusion10.x before 10.1.3
CVEListV5vmware/workstation14.x before 14.1.3

🔴Vulnerability Details

2
GHSA
GHSA-m7mh-m68x-wqxx: VMware Workstation (142022-05-14
CVEList
CVE-2018-6973: VMware Workstation (142018-08-15

💥Exploits & PoCs

1
Exploit-DB
Sricam gSOAP 2.8 - Denial of Service2019-01-28
CVE-2018-6973 — Out-of-bounds Write in Vmware Fusion | cvebase