vmware-vmx.exe in VMware Workstation 7.x up to and including 10.x prior to 10.0.7 and 11.x prior to 11.1.1, VMware Player 5.x and 6.x prior to 6.0.7 and 7.x prior to 7.1.1, and VMware Horizon Client 5.x local-mode prior to 5.4.2 on Windows does not provide a valid DACL pointer during the setup of the vprintproxy.exe process, which allows host OS users to gain host OS privileges by injecting a thread.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
vmware player 5.0 |
||
vmware player 6.0.2 |
||
vmware player 6.0.3 |
||
vmware player 5.0.1 |
||
vmware player 5.0.2 |
||
vmware player 6.0.4 |
||
vmware player 6.0.5 |
||
vmware player 6.0 |
||
vmware player 6.0.1 |
||
vmware player 7.1 |
||
vmware player 5.0.3 |
||
vmware player 5.0.4 |
||
vmware player 6.0.6 |
||
vmware player 7.0 |
||
vmware workstation 10.0 |
||
vmware workstation 10.0.1 |
||
vmware workstation 10.0.2 |
||
vmware workstation 10.0.3 |
||
vmware workstation 10.0.4 |
||
vmware workstation 11.0 |
||
vmware workstation 11.1 |
||
vmware workstation 10.0.5 |
||
vmware workstation 10.0.6 |
||
vmware horizon view client 5.4 |
||
vmware horizon view client 5.4.1 |
Vulmon