CVE-2017-4950 vulnerability in VMware Products
Published on January 11, 2018

VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out-of-bound read which can then be used to execute code on the host in conjunction with other issues. Note: IPv6 mode for VMNAT is not enabled by default.

NVD

Products Associated with CVE-2017-4950

stack.watch emails you whenever new vulnerabilities are published in VMware Workstation or VMware Fusion. Just hit a watch button to start following.

VMware Workstation

VMware Fusion

Affected Versions

VMware Workstation Pro / Player:

Version 14.x before 14.1.1 is affected.
Version 12.x before 12.5.9 is affected.

VMware Fusion:

Version 10.x before 10.1.1 is affected.
Version 8.x before 8.5.10 is affected.

Exploit Probability

EPSS

0.05%

Percentile

15.51%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2017-4950 vulnerability in VMware ProductsPublished on January 11, 2018

Products Associated with CVE-2017-4950

Affected Versions

Exploit Probability

CVE-2017-4950 vulnerability in VMware Products
Published on January 11, 2018