Vmware Workstation Pro vulnerabilities

CVE-2016-7081 [HIGH] CWE-119 CVE-2016-7081: Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Worksta Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.

CVE-2016-7461 [HIGH] CWE-119 CVE-2016-7461: The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Worksta The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors.

CVE-2016-7086 [HIGH] CWE-264 CVE-2016-7086: The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory.

CVE-2016-7084 [HIGH] CWE-119 CVE-2016-7084: tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12 tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via a JPEG 2000 image.

CVE-2016-7082 [HIGH] CWE-119 CVE-2016-7082: VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Window VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via an EMF file.

CVE-2016-7085 [HIGH] CWE-426 CVE-2016-7085: Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 an Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

CVE-2016-5330 [HIGH] CWE-426 CVE-2016-5330: Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.