Vulnerability Details CVE-2017-4915
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.054
EPSS Ranking 91.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- http://www.securityfocus.com/bid/98566
- http://www.securitytracker.com/id/1038525
- https://www.exploit-db.com/exploits/42045/
- https://www.vmware.com/security/advisories/VMSA-2017-0009.html
- http://www.securityfocus.com/bid/98566
- http://www.securitytracker.com/id/1038525
- https://www.exploit-db.com/exploits/42045/
- https://www.vmware.com/security/advisories/VMSA-2017-0009.html
Products affected by CVE-2017-4915
-
cpe:2.3:a:vmware:workstation_player:12.0.0
-
cpe:2.3:a:vmware:workstation_pro:12.0.0
-
cpe:2.3:o:linux:linux_kernel:-