CVE-2017-4899

VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit this issue to crash the VM or trigger an out-of-bound read. Note: This issue can be triggered only when the host has no graphics card or no graphics drivers are installed.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.7 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
vmwareCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
VendorProductVersion
vmwareworkstation_player
12.0.0
vmwareworkstation_player
12.0.1
vmwareworkstation_player
12.1.0
vmwareworkstation_player
12.5.0
vmwareworkstation_player
12.5.1
vmwareworkstation_pro
12.0.0
vmwareworkstation_pro
12.0.1
vmwareworkstation_pro
12.1.0
vmwareworkstation_pro
12.5.0
vmwareworkstation_pro
12.5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/96771
http://www.securitytracker.com/id/1037979
http://www.vmware.com/security/advisories/VMSA-2017-0003.html
http://www.securityfocus.com/bid/96771
http://www.securitytracker.com/id/1037979
http://www.vmware.com/security/advisories/VMSA-2017-0003.html