Executive Summary
| Summary | |
|---|---|
| Title | - VMware Workstation, Fusion and Horizon View Client updates address critical security issues |
| Informations | |||
|---|---|---|---|
| Name | VMSA-2015-0004 | First vendor Publication | 2015-06-09 |
| Vendor | VMware | Last vendor Modification | 2015-06-09 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.8 | Attack Range | Network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| a. VMware Workstation and Horizon Client memory manipulation issues VMware Workstation and Horizon Client TPView.ddl and TPInt.dll incorrectly handle memory allocation. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon Client. VMware would like to thank Kostya Kortchinsky of the Google Security Team for reporting these issues to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2012-0897 and CVE-2015-2336 (TPView.dll Code Execution), CVE-2015-2338 and CVE-2015-2339 (TPview.dll DoS), CVE-2015-2337 (TPInt.dll Code Execution), and CVE-2015-2340 (TPInt.dll DoS) to these issues. b. VMware Workstation, Player, and Fusion Denial of Service vulnerability VMware Workstation, Player, and Fusion contain an input validation issue on an RPC command. This issue may allow for a Denial of Service of the Guest Operating System (32-bit) or a Denial of Service of the Host Operating System (64-bit). VMware would like to thank Peter Kamensky from Digital Security for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-2341 to this issue. |
Original Source
| Url : http://www.vmware.com/security/advisories/VMSA-2015-0004.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 71 % | CWE-399 | Resource Management Errors |
| 14 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 14 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:22613 | |||
| Oval ID: | oval:org.mitre.oval:def:22613 | ||
| Title: | Vulnerability in IrfanView before 4.33 in stack-based buffer overflow in the JPEG2000 plugin | ||
| Description: | Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0897 | Version: | 5 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | IrfanView |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-02-01 | Name : IrfanView JPEG-2000 Plugin Remote Stack Based Buffer Overflow Vulnerability File : nvt/gb_irfanview_jpeg2000_bof_vuln.nasl |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2015-06-18 | IAVM : 2015-B-0076 - Multiple Vulnerabilities in VMware Horizon View Client Severity : Category I - VMSKEY : V0060965 |
| 2015-06-18 | IAVM : 2015-B-0077 - VMware Fusion Denial of Service Vulnerability Severity : Category I - VMSKEY : V0060979 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2015-07-28 | VMWare Workstation JPEG2000 stack overflow attempt RuleID : 34987 - Revision : 3 - Type : FILE-OTHER |
| 2015-07-28 | VMWare Workstation JPEG2000 stack overflow attempt RuleID : 34986 - Revision : 3 - Type : FILE-OTHER |
| 2015-07-28 | VMWare Workstation JPEG2000 stack overflow attempt RuleID : 34985 - Revision : 3 - Type : FILE-OTHER |
| 2015-07-28 | VMWare Workstation JPEG2000 stack overflow attempt RuleID : 34984 - Revision : 3 - Type : FILE-OTHER |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2015-06-16 | Name : A VMware product installed on the remote host is affected by a denial of serv... File : macosx_fusion_7_0_1.nasl - Type : ACT_GATHER_INFO |
| 2015-06-16 | Name : The remote host has a virtualization application installed that is affected b... File : vmware_player_6_0_6_vmsa_2015-0004.nasl - Type : ACT_GATHER_INFO |
| 2015-06-16 | Name : The remote host has a virtualization application installed that is affected b... File : vmware_player_7_1_1_vmsa_2015-0004.nasl - Type : ACT_GATHER_INFO |
| 2015-06-16 | Name : The remote host has a virtualization application installed that is affected b... File : vmware_player_linux_6_0_6.nasl - Type : ACT_GATHER_INFO |
| 2015-06-16 | Name : The remote host has a virtualization application installed that is affected b... File : vmware_workstation_linux_10_0_6.nasl - Type : ACT_GATHER_INFO |
| 2015-06-16 | Name : The remote host has a virtualization application installed that is affected b... File : vmware_workstation_multiple_vmsa_2015_0004.nasl - Type : ACT_GATHER_INFO |
| 2015-06-12 | Name : The remote host has a virtual desktop solution installed that is affected by ... File : vmware_horizon_view_client_vmsa_2015_0004.nasl - Type : ACT_GATHER_INFO |
| 2015-02-05 | Name : The remote host has a virtualization application installed that is affected b... File : vmware_workstation_multiple_vmsa_2015_0001.nasl - Type : ACT_GATHER_INFO |
| 2015-01-23 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0004.nasl - Type : ACT_GATHER_INFO |
| 2012-07-05 | Name : The remote host has an application installed that is affected by a stack-base... File : irfanview_jpeg2000_stack_overflow.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2015-10-18 17:26:47 |
|
| 2015-07-28 21:24:11 |
|
| 2015-06-17 13:32:01 |
|
| 2015-06-15 21:31:02 |
|
| 2015-06-13 21:29:41 |
|
| 2015-06-13 13:28:23 |
|
| 2015-06-12 13:25:48 |
|
