CVE-2015-6933 (GCVE-0-2015-6933)
Vulnerability from cvelistv5 – Published: 2016-01-09 02:00 – Updated: 2024-08-06 07:36
VLAI?
Summary
The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:36:34.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1034604",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034604"
},
{
"name": "1034603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034603"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1034604",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034604"
},
{
"name": "1034603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034603"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6933",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034604",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034604"
},
{
"name": "1034603",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034603"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2016-0001.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-6933",
"datePublished": "2016-01-09T02:00:00",
"dateReserved": "2015-09-14T00:00:00",
"dateUpdated": "2024-08-06T07:36:34.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2015-6933\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-01-09T02:59:00.127\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"La implementaci\u00f3n VMware Tools HGFS (tambi\u00e9n conocida como Shared Folders) en VMware Workstation 11.x en versiones anteriores a 11.1.2, VMware Player 7.x en versiones anteriores a 7.1.2, VMware Fusion 7.x en versiones anteriores a 7.1.2 y VMware ESXi 5.0 hasta la versi\u00f3n 6.0 permite a usuarios de SO invitado de Windows obtener privilegios de SO invitado o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria del kernel del SO invitado) a trav\u00e9s de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93872771-BD86-4707-926B-F6C3577C33A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B52D8903-B853-43A2-88C3-D79BBA70F8CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:player:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78016ED4-AEA7-4E54-8986-E997000CD646\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"492D7AD2-D660-48F5-A9BE-28CCA6A6B658\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90F0250C-EE18-486B-90D7-348FEF01C2D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:11.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E33E15C-62ED-4E24-AB00-0632C8A90C6E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2331236-2E9B-4B52-81EE-B52DEB41ACE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:5.0:1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C5A1C2B-119E-49F3-B8E6-0610EE1C445C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:5.0:2:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF29B5A4-6E4C-4EAE-BC6A-0DD44262EE35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7217CBE1-3882-4045-A15C-EE7D4174CA00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:5.1:1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A405802-D786-46F9-9E29-C727F9FD480A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"469D98A5-7B8B-41BE-94C6-D6EF25388007\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC77ADEA-F0B8-4E5D-B965-39397F823075\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:fusion:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92275180-52FC-48DE-947C-3AE1B87AF2C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:fusion:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9D5FE8B-7826-4690-952A-1FD98B7B9275\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:fusion:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C9E4C16-838C-4302-A4E7-A79878070519\"}]}]}],\"references\":[{\"url\":\"http://www.securitytracker.com/id/1034603\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1034604\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2016-0001.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1034603\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1034604\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2016-0001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…