Описание
VMware Workstation (12.x before 12.5.8) installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperly. This issue may allow an attacker to load a DLL file of the attacker's choosing that could execute arbitrary code.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:vmware:workstation:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:12.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:12.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:12.5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:12.5.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:12.5.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:12.5.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:12.5.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:12.5.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:12.5.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:12.5.7:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00186
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-426
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
VMware Workstation (12.x before 12.5.8) installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperly. This issue may allow an attacker to load a DLL file of the attacker's choosing that could execute arbitrary code.
EPSS
Процентиль: 40%
0.00186
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-426