CVE

Id
80927  
CVE No.
CVE-2015-3650  
Status
Candidate  
Description
vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 and 11.x before 11.1.1, VMware Player 5.x and 6.x before 6.0.7 and 7.x before 7.1.1, and VMware Horizon Client 5.x local-mode before 5.4.2 on Windows does not provide a valid DACL pointer during the setup of the vprintproxy.exe process, which allows host OS users to gain host OS privileges by injecting a thread.  
Phase
Assigned (20150506)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
729913 80927 CVE-2015-3650 MISC:https://www.nettitude.co.uk/vmware-multiple-products-privilege-escalation/  View
729914 80927 CVE-2015-3650 CONFIRM:http://www.vmware.com/security/advisories/VMSA-2015-0005.html  View
729915 80927 CVE-2015-3650 SECTRACK:1032822  View
729916 80927 CVE-2015-3650 URL:http://www.securitytracker.com/id/1032822  View
729917 80927 CVE-2015-3650 SECTRACK:1032823  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
8098 JVNDB-2015-003418 Apple OS X の Intel Graphics Driver におけるバッファオーバーフローの脆弱性 Apple OS X の Intel Graphics Driver には、バッファオーバーフローの脆弱性が存在します。 CVE-2015-3702 80927 7.2 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-003418.html  View