CVE-2015-2337
VMware Workstation 10.x-11.x, Player 6.x-7.x, Horizon Client 3.2.x-5.x - Remote Code Execution
Title source: llmDescription
TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032529
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75095
Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2015-0004.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032530
Scores
EPSS
0.0009
EPSS Percentile
25.7%
Details
CWE
CWE-399
Status
published
Products (28)
vmware/fusion
6.0
vmware/fusion
6.0.1
vmware/fusion
6.0.2
vmware/fusion
6.0.3
vmware/fusion
6.0.4
vmware/fusion
6.0.5
vmware/fusion
7.0
vmware/fusion
7.0.1
vmware/horizon_client
3.2.0
vmware/horizon_client
3.3
... and 18 more
Published
Jun 13, 2015
Tracked Since
Feb 18, 2026