CVE-2018-6963
MEDIUMVMware Fusion 10.0-10.1.1 and Workstation 14.0-14.1.1 - Denial of Service via RPC Handler NULL Pointer Dereference
Title source: llmDescription
VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges on the guest machine trigger a denial-of-Service of their guest machine.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104237
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1040957
Patch, Vendor Advisory x_refsource_confirm
https://www.vmware.com/security/advisories/VMSA-2018-0013.html
Scores
CVSS v3
5.5
EPSS
0.0006
EPSS Percentile
19.8%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (2)
vmware/fusion
10.0 - 10.1.2
vmware/workstation
14.0 - 14.1.2
Published
May 22, 2018
Tracked Since
Feb 18, 2026