Improper input validation in Vmware Fusion

CVE-2015-2341

VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, and VMware Fusion 6.x before 6.0.6 and 7.x before 7.0.1 allow attackers to cause a denial of service against a 32-bit guest OS or 64-bit host OS via a crafted RPC comma…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.007 (73.3th percentile) — read the EPSS interpretation.

Affected products

Vmware Fusion — versions 6.0, 6.0.1, 6.0.2
Vmware Player — versions 6.0, 6.0.1, 6.0.2
Vmware Workstation — versions 10.0, 10.0.1, 10.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
75094 (vdb-entry, x_refsource_BID)
1032530 (vdb-entry, x_refsource_SECTRACK)