CVE-2017-4901
The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion.
| Software | From | Fixed in |
|---|---|---|
| vmware / fusion | 8.5.3 | 8.5.3.x |
| vmware / workstation | 12.5.2 | 12.5.2.x |
| vmware / workstation | 12.1.1 | 12.1.1.x |
| vmware / fusion | 8.5.4 | 8.5.4.x |
| vmware / fusion | 8.1.1 | 8.1.1.x |
| vmware / fusion | 8.5.0 | 8.5.0.x |
| vmware / fusion | 8.5.1 | 8.5.1.x |
| vmware / workstation | 12.1 | 12.1.x |
| vmware / fusion | 8.5.2 | 8.5.2.x |
| vmware / fusion | 8.0.2 | 8.0.2.x |
| vmware / workstation | 12.0.1 | 12.0.1.x |
| vmware / workstation | 12.5.1 | 12.5.1.x |
| vmware / fusion | 8.0.0 | 8.0.0.x |
| vmware / fusion | 8.0.1 | 8.0.1.x |
| vmware / workstation | 12.0 | 12.0.x |
| vmware / workstation | 12.5.3 | 12.5.3.x |
| vmware / workstation | 12.5 | 12.5.x |
| vmware / fusion | 8.1.0 | 8.1.0.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime