CVE-2016-2077

Published: May 18, 2016Modified: May 6, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly access an executable file, which allows host OS users to gain host OS privileges via unspecified vectors.

Affected (8)

Products: Vmware: Player, Workstation

Vmware

2 products

Player

Workstation

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Vmware Player	Version 7.0
Vmware Player	Version 7.1.1
Vmware Player	Version 7.1.2
Vmware Player	Version 7.1

Configuration B

4 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Vmware Workstation	Version 11.0
Vmware Workstation	Version 11.1.1
Vmware Workstation	Version 11.1.2
Vmware Workstation	Version 11.1

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

CWE-264

References (4)

http://www.securitytracker.com/id/1035900

Source: cve@mitre.org

http://www.vmware.com/security/advisories/VMSA-2016-0005.html

Source: cve@mitre.org

Vendor Advisory

http://www.securitytracker.com/id/1035900

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vmware.com/security/advisories/VMSA-2016-0005.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.