CVE-2017-4916

Description

VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation of this issue may allow host users with normal user privileges to trigger a denial-of-service in a Windows host machine.

Affected products

• VMware / Workstation Pro / PlayerAll 12.x versions prior to version 12.5.6 – All 12.x versions prior to version 12.5.6

References

• MISChttp://www.securitytracker.com/id/1038526
• VENDOR_ADVISORYhttps://www.vmware.com/security/advisories/VMSA-2017-0009.html
• MISChttp://www.securityfocus.com/bid/98560
• EXPLOIThttps://www.exploit-db.com/exploits/42140/