CVE-2017-4934

EUVD-2017-14051
VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a heap buffer-overflow vulnerability in VMNAT device. This issue may allow a guest to execute code on the host.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
Affected Products (NVD)
VendorProductVersion
vmwareworkstation
12.0.0
vmwareworkstation
12.0.1
vmwareworkstation
12.1
vmwareworkstation
12.1.1
vmwareworkstation
12.5
vmwareworkstation
12.5.1
vmwareworkstation
12.5.2
vmwareworkstation
12.5.3
vmwareworkstation
12.5.4
vmwareworkstation
12.5.5
vmwareworkstation
12.5.6
vmwareworkstation
12.5.7
vmwarefusion
8.0.0
vmwarefusion
8.0.1
vmwarefusion
8.0.2
vmwarefusion
8.1.0
vmwarefusion
8.1.1
vmwarefusion
8.5.0
vmwarefusion
8.5.1
vmwarefusion
8.5.2
vmwarefusion
8.5.3
vmwarefusion
8.5.4
vmwarefusion
8.5.5
vmwarefusion
8.5.6
vmwarefusion
8.5.7
vmwarefusion
8.5.8
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/101903
http://www.securitytracker.com/id/1039835
https://www.vmware.com/security/advisories/VMSA-2017-0018.html
http://www.securityfocus.com/bid/101903
http://www.securitytracker.com/id/1039835
https://www.vmware.com/security/advisories/VMSA-2017-0018.html