CVE-2018-6963

VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges on the guest machine trigger a denial-of-Service of their guest machine.

Published: May 22, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-6963
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-476

Affected Software
References

Software	From	Fixed in
vmware / workstation	14.0	14.1.2
vmware / fusion	10.0	10.1.2

http://www.securityfocus.com/bid/104237
http://www.securitytracker.com/id/1040957
https://www.vmware.com/security/advisories/VMSA-2018-0013.html

Vulnerability Database

289,697

CVE-2018-6963