CVE-2015-2337
First published: Sat Jun 13 2015(Updated: )
TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Fusion Pro | =6.0 | |
| VMware Fusion Pro | =6.0.1 | |
| VMware Fusion Pro | =6.0.2 | |
| VMware Fusion Pro | =6.0.3 | |
| VMware Fusion Pro | =6.0.4 | |
| VMware Fusion Pro | =6.0.5 | |
| VMware Fusion Pro | =7.0 | |
| VMware Fusion Pro | =7.0.1 | |
| VMware Player | =6.0 | |
| VMware Player | =6.0.1 | |
| VMware Player | =6.0.2 | |
| VMware Player | =6.0.3 | |
| VMware Player | =6.0.4 | |
| VMware Player | =6.0.5 | |
| VMware Player | =7.0 | |
| VMware Player | =7.1 | |
| VMware Workstation | =10.0 | |
| VMware Workstation | =10.0.1 | |
| VMware Workstation | =10.0.2 | |
| VMware Workstation | =10.0.3 | |
| VMware Workstation | =10.0.4 | |
| VMware Workstation | =10.0.5 | |
| VMware Workstation | =11.0 | |
| VMware Workstation | =11.1 | |
| VMware Horizon | =3.2.0 | |
| VMware Horizon | =3.3 | |
| VMware Horizon Client | =5.4 | |
| VMware Horizon Client | =5.4.1 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-2337?
CVE-2015-2337 is rated as a high-severity vulnerability due to the potential for local code execution.
How do I fix CVE-2015-2337?
To remediate CVE-2015-2337, upgrade VMware Workstation, VMware Player, or VMware Horizon Client to the latest version as specified in the vendor's security advisories.
Who is affected by CVE-2015-2337?
CVE-2015-2337 affects users of specific versions of VMware Workstation 10.x, 11.x, VMware Player 6.x, 7.x, and VMware Horizon Client 3.2.x, 3.3.x, and 5.x.
What are the potential impacts of CVE-2015-2337 exploitation?
Exploitation of CVE-2015-2337 could allow a guest OS user to execute arbitrary code on the host OS, leading to security breaches.
Is CVE-2015-2337 applicable to all operating systems?
No, CVE-2015-2337 specifically impacts VMware applications running on Windows operating systems.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/vmware
- canonical/vmware fusion pro
- version/vmware fusion pro/6.0
- version/vmware fusion pro/6.0.1
- version/vmware fusion pro/6.0.2
- version/vmware fusion pro/6.0.3
- version/vmware fusion pro/6.0.4
- version/vmware fusion pro/6.0.5
- version/vmware fusion pro/7.0
- version/vmware fusion pro/7.0.1
- canonical/vmware player
- version/vmware player/6.0
- version/vmware player/6.0.1
- version/vmware player/6.0.2
- version/vmware player/6.0.3
- version/vmware player/6.0.4
- version/vmware player/6.0.5
- version/vmware player/7.0
- version/vmware player/7.1
- canonical/vmware workstation
- version/vmware workstation/10.0
- version/vmware workstation/10.0.1
- version/vmware workstation/10.0.2
- version/vmware workstation/10.0.3
- version/vmware workstation/10.0.4
- version/vmware workstation/10.0.5
- version/vmware workstation/11.0
- version/vmware workstation/11.1
- canonical/vmware horizon
- version/vmware horizon/3.2.0
- version/vmware horizon/3.3
- canonical/vmware horizon client
- version/vmware horizon client/5.4
- version/vmware horizon client/5.4.1
- vendor/microsoft
- canonical/microsoft windows