7.8

CVE-2015-2341

VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, and VMware Fusion 6.x before 6.0.6 and 7.x before 7.0.1 allow attackers to cause a denial of service against a 32-bit guest OS or 64-bit host OS via a crafted RPC command.

Data is provided by the National Vulnerability Database (NVD)
VMwareFusion Version6.0
VMwareFusion Version6.0.1
VMwareFusion Version6.0.2
VMwareFusion Version6.0.3
VMwareFusion Version6.0.4
VMwareFusion Version6.0.5
VMwareFusion Version7.0
VMwareFusion Version7.0.1
VMwareFusion Version7.1.0
VMwareFusion Version7.1.1
VMwarePlayer Version6.0
VMwarePlayer Version6.0.1
VMwarePlayer Version6.0.2
VMwarePlayer Version6.0.3
VMwarePlayer Version6.0.4
VMwarePlayer Version6.0.5
VMwareWorkstation Version10.0
VMwareWorkstation Version10.0.1
VMwareWorkstation Version10.0.2
VMwareWorkstation Version10.0.3
VMwareWorkstation Version10.0.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.74% 0.719
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.