CVE-2017-4950: CVE-2017-4950

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-4950

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out-of-bound read which can then be used to execute code on the host in conjunction with other issues. Note: IPv6 mode for VMNAT is not enabled by default.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

VMware Workstation和Fusion VMware NAT服务数字错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

VMWare Workstation和Fusion都是美国威睿（VMware）公司的桌面虚拟计算机软件，前者提供可以同时运行多个不同的操作系统的虚拟机功能，后者是用于在苹果机（Mac）上运行Windows应用程序的虚拟机软件。VMware NAT service是其中的一个网络地址转换服务。 VMware Workstation和Fusion中的VMware NAT服务存在整数溢出漏洞。攻击者可利用该漏洞造成越边界读取。以下产品和版本受到影响：VMware Workstation 14.x版本，12.x版

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
VMware	Workstation Pro / Player	14.x before 14.1.1	-
VMware	Fusion	10.x before 10.1.1	-

II. Public POCs for CVE-2017-4950

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-4950

Please Login to view more intelligence information

https://www.vmware.com/security/advisories/VMSA-2018-0005.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/102490vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1040161vdb-entryx_refsource_SECTRACK
https://nvd.nist.gov/vuln/detail/CVE-2017-4950

IV. Related Vulnerabilities

Same product: Workstation Pro / Player

CVE-2017-4949
VMware Workstation和Fusion Mware NAT服务安全漏洞

Same vendor: VMware

V. Comments for CVE-2017-4950

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2017-4950

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-4950

III. Intelligence Information for CVE-2017-4950

IV. Related Vulnerabilities

V. Comments for CVE-2017-4950

Leave a comment