VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host.
References
| Link | Resource |
|---|---|
| http://www.securityfocus.com/bid/97160 | Third Party Advisory VDB Entry |
| http://www.securitytracker.com/id/1038148 | Third Party Advisory VDB Entry |
| http://www.securitytracker.com/id/1038149 | Third Party Advisory VDB Entry |
| http://www.vmware.com/security/advisories/VMSA-2017-0006.html | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
| AND |
|
History
03 Feb 2022, 19:43
| Type | Values Removed | Values Added |
|---|---|---|
| References | (SECTRACK) http://www.securitytracker.com/id/1038149 - Third Party Advisory, VDB Entry | |
| References | (SECTRACK) http://www.securitytracker.com/id/1038148 - Third Party Advisory, VDB Entry | |
| CPE | cpe:2.3:a:vmware:workstation_pro:12.5.0:*:*:*:*:*:*:* cpe:2.3:a:vmware:fusion:8.0.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_player:12.5.3:*:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:u2:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:u3:*:*:*:*:*:* cpe:2.3:a:vmware:fusion:8.5.2:*:*:*:*:*:*:* cpe:2.3:a:vmware:fusion:8.5.5:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_player:12.5.2:*:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_player:12.5.4:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:fusion:8.5.3:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:* cpe:2.3:a:vmware:fusion:8.0.0:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:5.5:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_pro:12.5.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_pro:12.1.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:fusion:8.5.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:* cpe:2.3:a:vmware:fusion:8.5.4:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_pro:12.5.4:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_player:12.5.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_player:12.5.0:*:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.5:*:*:*:*:*:*:* cpe:2.3:a:vmware:fusion:8.1.0:*:*:*:*:*:*:* cpe:2.3:a:vmware:fusion:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:fusion:8.0.2:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_pro:12.5.3:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:u1:*:*:*:*:*:* cpe:2.3:a:vmware:fusion:8.5.0:*:*:*:*:*:*:* |
cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:5.5:1:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:2:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:5.5:3a:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:3:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:5.5:2:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:3a:*:*:*:*:*:* cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:* cpe:2.3:a:vmware:fusion_pro:*:*:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:1a:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:1b:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:5.5:3b:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:1:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:* cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:* |
Information
Published : 2017-06-07 18:29
Updated : 2024-02-04 19:29
NVD link : CVE-2017-4903
Mitre link : CVE-2017-4903
CVE.ORG link : CVE-2017-4903
JSON object : View
Products Affected
vmware
- esxi
- workstation_pro
- workstation_player
- fusion_pro
- fusion
apple
- mac_os_x
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer