Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

CVE-2016-7461 code execution flaw affects VMware Workstation

VMware has patched a critical out-of-bounds memory access vulnerability, tracked as CVE-2016-7461, affecting its Workstation and Fusion products. The flaw, that resides in the affects the drag-and-drop function, can be exploited by attackers to execute arbitrary code on the host operating system running Fusion or Workstation. The security vulnerability affects Workstation Player and Pro 12.x, and […]

CVE-2016-7461 code execution flaw affects VMware Workstation

VMware has patched a critical out-of-bounds memory access vulnerability, tracked as CVE-2016-7461, affecting its Workstation and Fusion products.

The flaw, that resides in the affects the drag-and-drop function, can be exploited by attackers to execute arbitrary code on the host operating system running Fusion or Workstation.

The security vulnerability affects Workstation Player and Pro 12.x, and Fusion (Pro) 8.x., while the ESXi is not affected.

The flaw war reported hacking contest 2016 PwnFest held in South Korea at the 2016 Power Of Community (POC) security conference. The hackers earned $140,000 for the Windows Edge hacks, while Qihoo hacker team and Lee earned $150,000 for the hack of the VMware Workstation 12.5.1.

CVE-2016-7461 vmware-workstation-33

VMware patched the vulnerability with the release of versions 12.5.2 and 8.5.2.

“Problem Description

a. VMware Workstation and Fusion out-of-bounds memory access vulnerability

The drag-and-drop (DnD) function in VMware Workstation and Fusion has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion.” states the advisory published by VMware.

VMware explained that the flaw cannot be exploited against Workstation Pro or Fusion when both the drag-and-drop and copy-and-paste functions are disabled, while it remains exploitable on Workstation Player.

Recently VMware released several security updates to fix the local privilege escalation flaw in Linux kernel, also known as Dirty COW, tracked as CVE-2016-5195.

“The Linux kernel which ships with the base operating system of VMware Appliances contains a race condition in the way its memory subsystem handles copy-on-write (aka “Dirty COW”). Successful exploitation of the vulnerability may allow for local privilege escalation. The product lines listed in this advisory have been confirmed to be affected.” reads the advisory from VMmware.com.

Security patches for Identity Manager, vRealize Automation and version 5.x of vRealize Operations are still pending.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – CVE-2016-7461, VMware)

[adrotate banner=”9″]