CVE-2016-7084

HIGH

VMware Workstation Player 12.x - Remote Code Execution via JPEG 2000 Image

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-7084. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit targets multiple heap-based buffer overflows, out-of-bounds reads, and other memory corruption vulnerabilities in VMware Workstation's vprintproxy.exe (TPView.DLL) via malformed JPEG2000 images embedded in EMF records. The PoC includes a Python script to wrap malicious J2K samples in EMF/EMFSPOOL structures and send them to COM1 for triggering crashes.

Description

tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via a JPEG 2000 image.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdoswindows

https://www.exploit-db.com/exploits/40399

View Code ZIP pw:eip

This exploit targets multiple heap-based buffer overflows, out-of-bounds reads, and other memory corruption vulnerabilities in VMware Workstation's vprintproxy.exe (TPView.DLL) via malformed JPEG2000 images embedded in EMF records. The PoC includes a Python script to wrap malicious J2K samples in EMF/EMFSPOOL structures and send them to COM1 for triggering crashes.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: VMware Workstation 12.1.1 build-3770994 (vprintproxy.exe / TPView.DLL 9.4.1045.1)

No auth needed

Prerequisites: Access to a guest VM with COM1 serial port access · VMware Workstation with Virtual Printers feature enabled

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Vendor Advisory x_refsource_confirm

http://www.vmware.com/security/advisories/VMSA-2016-0014.html

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/40399/

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1036805

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/92934

Scores

CVSS v3 7.8

EPSS 0.0154

EPSS Percentile 71.5%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (8)

vmware/workstation_player 12.0.0

vmware/workstation_player 12.0.1

vmware/workstation_player 12.1.0

vmware/workstation_player 12.1.1

vmware/workstation_pro 12.0.0

vmware/workstation_pro 12.0.1

vmware/workstation_pro 12.1.0

vmware/workstation_pro 12.1.1

Published Dec 29, 2016

Tracked Since Feb 18, 2026