Description

ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5.

Related CPE's

a

vmware

horizon

3

a

vmware

remote_console

2

a

vmware

workstation

Vulnerable

a

vmware

fusion

Vulnerable

o

apple

mac_os_x

-

o

vmware

esxi

179

References

https://www.vmware.com/security/advisories/VMSA-2019-0014.html

Vendor Advisory

https://www.vmware.com/security/advisories/VMSA-2019-0014.html

Vendor Advisory

Weaknesses

[email protected]

Primary
CWE-416

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

8.8 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2019-10-10T15:15:18.467Z

6 years ago

Last modified

2024-11-21T03:45:07.943Z

1 year ago