CVE-2014-2384CVE-2014-2384

Affected configuration(s):

cpe:/a:vmware:player:6.0.1_build_1379776
cpe:/a:vmware:workstation:10.0.1_build_1379776

Date published: 2014-04-15T19:13:15.697-04:00

Date last modified: 2014-04-16T10:23:41.180-04:00

CVSS Score: 4.9

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://seclists.org/fulldisclosure/2014/Apr/163

Summary: vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports “Vendor rated issue as non-exploitable.”

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.