CVE-2016-2077

VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly access an executable file, which allows host OS users to gain host OS privileges via unspecified vectors.

Published: May 18, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-2077
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
vmware / player	7.0	7.0.x
vmware / player	7.1	7.1.x
vmware / player	7.1.1	7.1.1.x
vmware / player	7.1.2	7.1.2.x
vmware / workstation	11.0	11.0.x
vmware / workstation	11.1	11.1.x
vmware / workstation	11.1.1	11.1.1.x
vmware / workstation	11.1.2	11.1.2.x

http://www.securitytracker.com/id/1035900
http://www.vmware.com/security/advisories/VMSA-2016-0005.html

Vulnerability Database

289,689

CVE-2016-2077