CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-2384

vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports "Vendor rated issue as non-exploitable."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.0%

CVSS Severity

CVSS v2 Score 4.9

References

http://seclists.org/fulldisclosure/2014/Apr/163
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/
http://seclists.org/fulldisclosure/2014/Apr/163
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/

Products affected by CVE-2014-2384

Vmware » Player » Version: 6.0.1_build_1379776

cpe:2.3:a:vmware:player:6.0.1_build_1379776
Vmware » Workstation » Version: 10.0.1_build_1379776

cpe:2.3:a:vmware:workstation:10.0.1_build_1379776

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2384

Products

Pricing

Contact Us