CVE-2019-5522

Published: Jun 6, 2019Modified: Jun 17, 2026

7.1

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Exploitability: 1.8 / Impact: 5.2

Source: NVD

Description

VMware Tools for Windows update addresses an out of bounds read vulnerability in vm3dmp driver which is installed with vmtools in Windows guest machines. This issue is present in versions 10.2.x and 10.3.x prior to 10.3.10. A local attacker with non-administrative access to a Windows guest with VMware Tools installed may be able to leak kernel information or create a denial of service attack on the same Windows guest machine.

Affected (1)

Products: Vmware: Tools

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Vmware Tools	From 10.0.0 to 10.3.10

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

References (4)

http://www.securityfocus.com/bid/108673

Source: security@vmware.com

Third Party AdvisoryVDB Entry

https://www.vmware.com/security/advisories/VMSA-2019-0009.html

Source: security@vmware.com

Vendor Advisory

http://www.securityfocus.com/bid/108673

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://www.vmware.com/security/advisories/VMSA-2019-0009.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.