Arbitrary Code Execution Vulnerability in VMware Workstation, Player, and Horizon Client

Arbitrary Code Execution Vulnerability in VMware Workstation, Player, and Horizon Client

CVE-2015-2337 · MEDIUM Severity

AV:A/AC:L/AU:N/C:P/I:P/A:P

TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.

Learn more about our Cis Benchmark Audit For Vmware.