VMware Security Bulletins
VMware has issued a security bulletin regarding a privilege escalation attack affecting VMware 10 and 11, Player 6,7 and VMware Horizon Client for Windows prior to version 5.4.2
http://www.vmware.com/security/advisories/VMSA-2015-0005.html
Summary
VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability.
2. Relevant Releases
VMware Workstation for Windows 11.x prior to version 11.1.1
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
3. Problem Description
a. VMware Workstation, Player and Horizon View Client for Windows host privilege escalation vulnerability.
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Full details are available here:
http://www.vmware.com/security/advisories/VMSA-2015-0005.html
Twitter:@markbaggett
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product | Product Version |
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product | Product Version |
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product | Product Version |
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product | Product Version |
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product | Product Version |
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product | Product Version |
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product | Product Version |
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product | Product Version |
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product | Product Version |
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product | Product Version |
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product | Product Version |
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product | Product Version |
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product | Product Version |
Comments