CVE-2015-2340
First published: Sat Jun 13 2015(Updated: )
TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Horizon | =3.2.0 | |
| VMware Horizon | =3.3 | |
| VMware Horizon Client | =5.4 | |
| VMware Horizon Client | =5.4.1 | |
| Microsoft Windows | ||
| VMware Fusion Pro | =6.0 | |
| VMware Fusion Pro | =6.0.1 | |
| VMware Fusion Pro | =6.0.2 | |
| VMware Fusion Pro | =6.0.3 | |
| VMware Fusion Pro | =6.0.4 | |
| VMware Fusion Pro | =6.0.5 | |
| VMware Fusion Pro | =7.0 | |
| VMware Fusion Pro | =7.0.1 | |
| VMware Player | =6.0 | |
| VMware Player | =6.0.1 | |
| VMware Player | =6.0.2 | |
| VMware Player | =6.0.3 | |
| VMware Player | =6.0.4 | |
| VMware Player | =6.0.5 | |
| VMware Player | =7.0 | |
| VMware Player | =7.1 | |
| VMware Workstation | =10.0 | |
| VMware Workstation | =10.0.1 | |
| VMware Workstation | =10.0.2 | |
| VMware Workstation | =10.0.3 | |
| VMware Workstation | =10.0.4 | |
| VMware Workstation | =10.0.5 | |
| VMware Workstation | =11.0 | |
| VMware Workstation | =11.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-2340?
CVE-2015-2340 has a high severity rating due to its potential for causing memory allocation issues in certain VMware software.
How do I fix CVE-2015-2340?
To fix CVE-2015-2340, users should update their VMware Workstation, Player, or Horizon Client to the latest versions where the vulnerability has been patched.
Which VMware versions are affected by CVE-2015-2340?
CVE-2015-2340 affects VMware Workstation version 10.x before 10.0.6, 11.x before 11.1.1, and VMware Player and Horizon Client versions as specified in the CVE details.
Can guest OS users exploit CVE-2015-2340?
Yes, guest OS users can exploit CVE-2015-2340 to cause a denial of service or other attacks due to improper memory allocation.
Is this vulnerability limited to Windows systems?
Yes, CVE-2015-2340 specifically affects VMware products running on Windows operating systems.
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/vmware
- canonical/vmware horizon
- version/vmware horizon/3.2.0
- version/vmware horizon/3.3
- canonical/vmware horizon client
- version/vmware horizon client/5.4
- version/vmware horizon client/5.4.1
- vendor/microsoft
- canonical/microsoft windows
- canonical/vmware fusion pro
- version/vmware fusion pro/6.0
- version/vmware fusion pro/6.0.1
- version/vmware fusion pro/6.0.2
- version/vmware fusion pro/6.0.3
- version/vmware fusion pro/6.0.4
- version/vmware fusion pro/6.0.5
- version/vmware fusion pro/7.0
- version/vmware fusion pro/7.0.1
- canonical/vmware player
- version/vmware player/6.0
- version/vmware player/6.0.1
- version/vmware player/6.0.2
- version/vmware player/6.0.3
- version/vmware player/6.0.4
- version/vmware player/6.0.5
- version/vmware player/7.0
- version/vmware player/7.1
- canonical/vmware workstation
- version/vmware workstation/10.0
- version/vmware workstation/10.0.1
- version/vmware workstation/10.0.2
- version/vmware workstation/10.0.3
- version/vmware workstation/10.0.4
- version/vmware workstation/10.0.5
- version/vmware workstation/11.0
- version/vmware workstation/11.1