what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

VMware Security Advisory 2016-0019

VMware Security Advisory 2016-0019
Posted Nov 14, 2016
Authored by VMware | Site vmware.com

VMware Security Advisory 2016-0019 - VMware Workstation and Fusion updates address a critical out-of-bounds memory access vulnerability.

tags | advisory
advisories | CVE-2016-7461
SHA-256 | 4dcb01dc71f4c3ef8e79650ea56bdb93fd311f72d9cedc07f0802b1354a0cfbd

VMware Security Advisory 2016-0019

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

VMware Security Advisory

Advisory ID: VMSA-2016-0019
Severity: Critical
Synopsis: VMware Workstation and Fusion updates address critical
out-of-bounds memory access vulnerability
Issue date: 2016-11-13
Updated on: 2016-11-13 (Initial Advisory)
CVE number: CVE-2016-7461

1. Summary

VMware Workstation and Fusion updates address address critical
out-of-bounds memory access vulnerability.

2. Relevant Products

VMware Workstation Pro / Player
VMware Fusion Pro / Fusion

3. Problem Description

a. VMware Workstation and Fusion out-of-bounds memory access

The drag-and-drop (DnD) function in VMware Workstation and Fusion has
an out-of-bounds memory access vulnerability. This may allow a guest
to execute code on the operating system that runs Workstation or
Fusion.

Workaround
On Workstation Pro and Fusion, the issue cannot be exploited if both
the drag-and-drop function and the copy-and-paste (C&P) function are
disabled. Refer to the Reference section on documentation how to
disable these functions. This workaround is not available on
Workstation Player.

VMware would like to thank Qinghao Tang and Xinlei Ying from the
360 Marvel Team and lokihardt, all working with the organizers of
PwnFest for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the identifier CVE-2016-7461 to this issue.

Column 5 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.

VMware Product Running Replace with/ Mitigation
Product Version on Severity Apply patch Workaround
=========== ======== ======== ======== ============= ===========
Workstation 12.x Any Critical 12.5.2 Disable
Pro DnD and C&P

Workstation 12.x Any Critical 12.5.2 None
Player

Fusion Pro 8.x Mac OS X Critical 8.5.2 Disable
Fusion DnD and C&P

ESXi Any ESXi N/A Not affected N/A


4. Solution

Please review the patch/release notes for your product and
version and verify the checksum of your downloaded file.

VMware Workstation Pro 12.5.2
Downloads and Documentation:
https://www.vmware.com/go/downloadworkstation
https://www.vmware.com/support/pubs/ws_pubs.html

VMware Workstation Player 12.5.2
Downloads and Documentation:
https://www.vmware.com/go/downloadplayer
https://www.vmware.com/support/pubs/player_pubs.html

VMware Fusion Pro / Fusion 8.5.2
Downloads and Documentation:
https://www.vmware.com/go/downloadfusion
https://www.vmware.com/support/pubs/fusion_pubs.html

5. References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7461

Workaround documentation

Workstation Pro: Disabling drag-and-drop and copy-and-paste
functionality

http://pubs.vmware.com/workstation-12/topic/com.vmware.ICbase/PDF/workstati
on-pro-12-user-guide.pdf
(page 81 and 82)

Fusion: Disabling drag-and-drop and copy-and-paste functionality

http://pubs.vmware.com/fusion-8/topic/com.vmware.ICbase/PDF/fusion-8-user-g
uide.pdf
(page 135)

- ------------------------------------------------------------------------

6. Change log

2016-11-13 VMSA-2016-0019
Initial security advisory in conjunction with the release of VMware
Workstation Pro/Player 12.5.2 and VMware Fusion Pro, Fusion 8.5.2 on
2016-11-13.

- ------------------------------------------------------------------------
7. Contact

E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org

E-mail: security at vmware.com
PGP key at: https://kb.vmware.com/kb/1055

VMware Security Advisories
http://www.vmware.com/security/advisories

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html
Twitter
https://twitter.com/VMwareSRC

Copyright 2016 VMware Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.3 (Build 4028)
Charset: utf-8

wj8DBQFYKV+RDEcm8Vbi9kMRArbcAJ9gO4MdeaIYECV3muh613FJ45ZYrACfSFgD
5VhdugdkxotCkv/4vGwyNqY=
=N8Vd
-----END PGP SIGNATURE-----?



Login or Register to add favorites

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close