CVE-2017-4938 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 13%

Affected Products (NVD)

Vendor	Product	Version
vmware	workstation	12.0.0
vmware	workstation	12.0.1
vmware	workstation	12.1
vmware	workstation	12.1.1
vmware	workstation	12.5
vmware	workstation	12.5.1
vmware	workstation	12.5.2
vmware	workstation	12.5.3
vmware	workstation	12.5.4
vmware	workstation	12.5.5
vmware	workstation	12.5.6
vmware	workstation	12.5.7
vmware	fusion	8.0.0
vmware	fusion	8.0.1
vmware	fusion	8.0.2
vmware	fusion	8.1.0
vmware	fusion	8.1.1
vmware	fusion	8.5.0
vmware	fusion	8.5.1
vmware	fusion	8.5.2
vmware	fusion	8.5.3
vmware	fusion	8.5.4
vmware	fusion	8.5.5
vmware	fusion	8.5.6
vmware	fusion	8.5.7
vmware	fusion	8.5.8

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

http://www.securityfocus.com/bid/101887

http://www.securitytracker.com/id/1039835

https://www.vmware.com/security/advisories/VMSA-2017-0018.html

http://www.securityfocus.com/bid/101887

http://www.securitytracker.com/id/1039835

https://www.vmware.com/security/advisories/VMSA-2017-0018.html