CVE-2017-4903
Published Jun 7, 2017
Last updated 3 years ago
Overview
- Description
- VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host.
- Source
- security@vmware.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 6
- Exploitability score
- 2
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5DB0B91B-F8F6-456F-8FBD-7B98A9ABA95A",
"versionEndExcluding": "12.5.5",
"versionStartIncluding": "12.0.0"
},
{
"criteria": "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17F1AB0A-CD31-4FE7-AE1F-4C6A111D1C62",
"versionEndExcluding": "12.5.5",
"versionStartIncluding": "12.0.0"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB90FDCA-A848-4D4D-8A6F-FD04D702EC85"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5:1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DC223AC-EB3D-48CF-A6CC-D35E00A38394"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5:2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75C8E87E-A869-49F8-89F9-DE64A45CDB35"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5:3a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7F8878C-F73D-4549-9607-74880176D2B0"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5:3b:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E47D369F-13B2-42B3-BB74-60AAD0954B26"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E8861F4-D390-4738-BBF0-9EE4684E9667"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52403C80-3022-4E5B-B16A-24B116D1E6B9"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:1a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBECED2E-05FD-492E-8B57-9BB8ADA82444"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:1b:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C3FBBA4-01FA-45B5-AEDF-FFFE941163FE"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A63E3C72-3145-4661-BBCD-8A67EC0CDDF3"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9159F6E1-6A36-4D3C-85B1-2205B90CD244"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:3a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2C08C24-FBAC-49B8-AABF-4FF8BADA3412"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B9D5E67-78C9-495E-91F0-AF94871E5FA2"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D35CDFE-F0E7-43F7-A307-E3BDDE5AEAD5"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADC13026-3B5A-4BF0-BDEC-B77338E427E8"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6CBA70BA-FFCD-4D2D-AD26-95CC62748937"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C92DD8B-8AB8-40D4-8E86-12FEB055D37A"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C58D77F5-CDB2-47DA-A879-BABEBE2E1E04"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0C324FB-3989-4A4A-BF5B-C40CA698DDB7"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E7AC58E-D1F8-4FDF-9A28-61CF6158330A"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "489EE0F6-5510-470E-8711-DC08B4AFB4F7"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6719ED6F-CBC3-4B1E-9343-23DC3BA15FDA"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DDAA48A9-9319-4104-B151-D529E5EBF0F7"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D16CD918-5075-4975-8B1E-21D8AD35A28E"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A38CD8E-494D-4E0E-A300-8550FC81FAE4"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F40ABE8-8DED-4633-A34C-00DF5D510E71"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1736B975-089B-413C-8CA0-5524B957EF9A"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E4DCBF6-7189-497A-B923-08574443172C"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16FBA646-0B5E-44A7-BB12-29D5C611AEC5"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29F57497-7B48-4D0C-B8F5-8D33062BECEE"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADDE96C7-C489-4D14-990B-8524627A23D2"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD82C093-FD98-45DE-9EE6-A05E81A1FEC6"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08789F9E-CDC7-4F89-B925-92C9E3AE5234"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26ABB84C-B4BF-424E-8F4C-D2B6BE0AC79E"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "621C203B-4B66-49CC-A35D-D7703109BF14"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3261BDEF-D89C-41D9-A360-EC36EAB17490"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5170A4F6-02B7-4225-B944-73DB5A4D332C"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62A97DBA-A56B-4F0B-B9C4-44B5166681AF"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "806C8BE6-A2BE-45BE-BEF2-396BEB16FCC3"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBA6211E-134A-484E-8444-FBB5070B395D"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E7B05B3-4076-4A44-B9A6-A44419F175C2"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A1636B4-6E79-42D7-AA62-5EE43412B43A"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F0377D0-BBED-41BF-80C5-58414ED413EE"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6495283C-D18A-4DDA-852E-46F2273D6DAC"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "09DEFEE5-5E9E-4F3A-A245-3E8E2B291339"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B5A97A3-65DB-4697-9CF1-B4F5E4E4132F"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17A84E0A-1429-467F-9EE1-FCA062392DC2"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C591163D-64BC-403B-A460-5B2258EC2F8A"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED932B89-D34D-4398-8F79-AF98987CAFD0"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABD365A0-0B09-4EC2-9973-691144C99507"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBE64DC7-A9D1-416F-89BF-D9F8DD8174AA"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E198AE4-A6A3-4875-A7DA-44BE9E1B280F"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FDD5BA0-8180-484D-8308-B0862B6E9DC3"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96A6EB9A-A908-42D1-A6BC-E38E861BBECE"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "651EDCAA-D785-464D-AE41-425A69F6FFB7"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B3C704C-9D60-4F72-B482-07F209985E68"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1CFE956-4391-4B71-BD0B-96A008A624B7"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "409778CD-9AB3-4793-A5F5-8D8657F81442"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7EA75DB-B6BE-4E75-89B6-C69E96CBD7BF"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0DC45A8B-6DE0-465F-9644-B75A09394F25"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A265671-BCB0-401A-A1E8-500F9D41492E"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83168067-1E43-4186-9B15-3FC702C6583C"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C122DB4-8410-4C4E-87BE-EB3175CE182B"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C76ED78D-0778-4269-938E-BB7586C1E44E"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A1F78C5-E995-4E37-83C5-5B6A1D39E549"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A2E842D-AF37-4641-AD05-B91F250E7487"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A07EAC87-32FD-4553-B71D-181F2C66AE68"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD6F0D62-4C51-46D6-A6C4-E479BE6B2C91"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "865D3042-68ED-44B9-A036-9433F7463D6F"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC4FEF78-D2DA-4CCE-BB81-7E2090ED545C"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11AE3F61-9655-4B20-96E1-92112BE2BEDC"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ECE35166-3019-450B-9C69-484E4EDE5A6D"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D892B066-381B-4F46-8363-7BA1647BBCD8"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "710DB381-5504-4493-8D0A-17AB8E5A903B"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42AAA3B7-B74D-4B67-8BD3-1D9B5ED1E037"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33CBCA55-010E-4E84-B2F8-F9B53D5A3340"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95A73B4B-F9B3-4D66-9668-902902C73CB6"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D14D51D-E2EA-4826-8C6E-AF1C15F12384"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BED100A1-9D59-48BE-91D4-0C8F2D678E6E"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "660B51F2-DFE0-49F6-AD2A-6E94B20F4019"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C05F1671-5010-4BB5-BFA7-217FBB946B59",
"versionEndExcluding": "8.5.6",
"versionStartIncluding": "8.0.0"
},
{
"criteria": "cpe:2.3:a:vmware:fusion_pro:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB3E0004-E6F1-4C0D-9B24-A7F1AF4BCBD8",
"versionEndExcluding": "8.5.6",
"versionStartIncluding": "8.0.0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]