Computer Security
[EN] securityvulns.ru no-pyccku


VMWare Workstation / Player DoS
updated since 05.05.2014
Published:10.11.2014
Source:
SecurityVulns ID:13731
Type:local
Threat Level:
5/10
Description:Uninitialized potiner dereference on IOCTL processing.
Affected:VMWARE : VMware Workstation 10.0
 VMWARE : VMware Player 6.0
CVE:CVE-2014-2384 (vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports "Vendor rated issue as non-exploitable.")
Original documentdocumentdisclosures_(at)_korelogic.com, KL-001-2014-004 : VMWare vmx86.sys Arbitrary Kernel Read (10.11.2014)
 documentadvisories_(at)_portcullis-security.com, CVE-2014-2384 - Invalid Pointer Dereference in VMware Workstation and Player (05.05.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod