What is the severity of CVE-2017-4903?

CVE-2017-4903 has a severity rating that can be classified as high due to the potential for remote code execution.

How do I fix CVE-2017-4903?

To fix CVE-2017-4903, ensure that you apply the relevant patches for VMware ESXi, Workstation Pro, Player, or Fusion as specified by VMware.

What vulnerabilities are associated with CVE-2017-4903?

CVE-2017-4903 is associated with vulnerabilities related to unpatched versions of VMware ESXi and other VMware products.

Which VMware products are affected by CVE-2017-4903?

CVE-2017-4903 affects VMware ESXi 5.5, 6.0, and 6.5 as well as VMware Workstation Pro/Player and Fusion before specific versions.

What are the potential consequences of exploiting CVE-2017-4903?

Exploiting CVE-2017-4903 could allow an attacker to execute arbitrary code on the affected host, leading to potential data breaches or system compromise.

Vulnerability/
CVE-2017-4903

high

8.8

CWE

119

7/6/2017

3/2/2022

CVE-2017-4903: Buffer Overflow

First published: Wed Jun 07 2017(Updated: )

VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host.

Credit: security@vmware.com

Affected Software	Affected Version	How to fix
VMware Workstation Player	>=12.0.0<12.5.5
VMware Workstation Pro	>=12.0.0<12.5.5
VMware ESXi	=5.5
VMware ESXi	=5.5-1
VMware ESXi	=5.5-2
VMware ESXi	=5.5-3a
VMware ESXi	=5.5-3b
VMware ESXi	=6.0
VMware ESXi	=6.0-1
VMware ESXi	=6.0-1a
VMware ESXi	=6.0-1b
VMware ESXi	=6.0-2
VMware ESXi	=6.0-3
VMware ESXi	=6.0-3a
VMware ESXi	=6.0-600-201504401
VMware ESXi	=6.0-600-201505401
VMware ESXi	=6.0-600-201507101
VMware ESXi	=6.0-600-201507102
VMware ESXi	=6.0-600-201507401
VMware ESXi	=6.0-600-201507402
VMware ESXi	=6.0-600-201507403
VMware ESXi	=6.0-600-201507404
VMware ESXi	=6.0-600-201507405
VMware ESXi	=6.0-600-201507406
VMware ESXi	=6.0-600-201507407
VMware ESXi	=6.0-600-201509101
VMware ESXi	=6.0-600-201509102
VMware ESXi	=6.0-600-201509201
VMware ESXi	=6.0-600-201509202
VMware ESXi	=6.0-600-201509203
VMware ESXi	=6.0-600-201509204
VMware ESXi	=6.0-600-201509205
VMware ESXi	=6.0-600-201509206
VMware ESXi	=6.0-600-201509207
VMware ESXi	=6.0-600-201509208
VMware ESXi	=6.0-600-201509209
VMware ESXi	=6.0-600-201509210
VMware ESXi	=6.0-600-201510401
VMware ESXi	=6.0-600-201511401
VMware ESXi	=6.0-600-201601101
VMware ESXi	=6.0-600-201601102
VMware ESXi	=6.0-600-201601401
VMware ESXi	=6.0-600-201601402
VMware ESXi	=6.0-600-201601403
VMware ESXi	=6.0-600-201601404
VMware ESXi	=6.0-600-201601405
VMware ESXi	=6.0-600-201602401
VMware ESXi	=6.0-600-201603101
VMware ESXi	=6.0-600-201603102
VMware ESXi	=6.0-600-201603201
VMware ESXi	=6.0-600-201603202
VMware ESXi	=6.0-600-201603203
VMware ESXi	=6.0-600-201603204
VMware ESXi	=6.0-600-201603205
VMware ESXi	=6.0-600-201603206
VMware ESXi	=6.0-600-201603207
VMware ESXi	=6.0-600-201603208
VMware ESXi	=6.0-600-201605401
VMware ESXi	=6.0-600-201608101
VMware ESXi	=6.0-600-201608401
VMware ESXi	=6.0-600-201608402
VMware ESXi	=6.0-600-201608403
VMware ESXi	=6.0-600-201608404
VMware ESXi	=6.0-600-201608405
VMware ESXi	=6.0-600-201610410
VMware ESXi	=6.0-600-201611401
VMware ESXi	=6.0-600-201611402
VMware ESXi	=6.0-600-201611403
VMware ESXi	=6.0-600-201702101
VMware ESXi	=6.0-600-201702102
VMware ESXi	=6.0-600-201702201
VMware ESXi	=6.0-600-201702202
VMware ESXi	=6.0-600-201702203
VMware ESXi	=6.0-600-201702204
VMware ESXi	=6.0-600-201702205
VMware ESXi	=6.0-600-201702206
VMware ESXi	=6.0-600-201702207
VMware ESXi	=6.0-600-201702208
VMware ESXi	=6.0-600-201702209
VMware ESXi	=6.0-600-201702210
VMware ESXi	=6.0-600-201702211
VMware ESXi	=6.0-600-201702212
VMware ESXi	=6.5
VMware ESXi	=6.5-650-201701001
VMware ESXi	=6.5-650-201703001
VMware ESXi	=6.5-650-201703002
VMware Fusion Pro	>=8.0.0<8.5.6
VMware Fusion Pro	>=8.0.0<8.5.6
Apple iOS and macOS

Remedy

http://www.vmware.com/security/advisories/VMSA-2017-0006.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-4903?
CVE-2017-4903 has a severity rating that can be classified as high due to the potential for remote code execution.
How do I fix CVE-2017-4903?
To fix CVE-2017-4903, ensure that you apply the relevant patches for VMware ESXi, Workstation Pro, Player, or Fusion as specified by VMware.
What vulnerabilities are associated with CVE-2017-4903?
CVE-2017-4903 is associated with vulnerabilities related to unpatched versions of VMware ESXi and other VMware products.
Which VMware products are affected by CVE-2017-4903?
CVE-2017-4903 affects VMware ESXi 5.5, 6.0, and 6.5 as well as VMware Workstation Pro/Player and Fusion before specific versions.
What are the potential consequences of exploiting CVE-2017-4903?
Exploiting CVE-2017-4903 could allow an attacker to execute arbitrary code on the affected host, leading to potential data breaches or system compromise.

agent/references
agent/type
agent/last-modified-date
agent/first-publish-date
agent/description
agent/severity
agent/weakness
agent/remedy
agent/author
agent/event
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/vmware
canonical/vmware workstation player
version/vmware workstation player/12.0.0
canonical/vmware workstation pro
version/vmware workstation pro/12.0.0
canonical/vmware esxi
version/vmware esxi/5.5
version/vmware esxi/5.5-1
version/vmware esxi/5.5-2
version/vmware esxi/5.5-3a
version/vmware esxi/5.5-3b
version/vmware esxi/6.0
version/vmware esxi/6.0-1
version/vmware esxi/6.0-1a
version/vmware esxi/6.0-1b
version/vmware esxi/6.0-2
version/vmware esxi/6.0-3
version/vmware esxi/6.0-3a
version/vmware esxi/6.0-600-201504401
version/vmware esxi/6.0-600-201505401
version/vmware esxi/6.0-600-201507101
version/vmware esxi/6.0-600-201507102
version/vmware esxi/6.0-600-201507401
version/vmware esxi/6.0-600-201507402
version/vmware esxi/6.0-600-201507403
version/vmware esxi/6.0-600-201507404
version/vmware esxi/6.0-600-201507405
version/vmware esxi/6.0-600-201507406
version/vmware esxi/6.0-600-201507407
version/vmware esxi/6.0-600-201509101
version/vmware esxi/6.0-600-201509102
version/vmware esxi/6.0-600-201509201
version/vmware esxi/6.0-600-201509202
version/vmware esxi/6.0-600-201509203
version/vmware esxi/6.0-600-201509204
version/vmware esxi/6.0-600-201509205
version/vmware esxi/6.0-600-201509206
version/vmware esxi/6.0-600-201509207
version/vmware esxi/6.0-600-201509208
version/vmware esxi/6.0-600-201509209
version/vmware esxi/6.0-600-201509210
version/vmware esxi/6.0-600-201510401
version/vmware esxi/6.0-600-201511401
version/vmware esxi/6.0-600-201601101
version/vmware esxi/6.0-600-201601102
version/vmware esxi/6.0-600-201601401
version/vmware esxi/6.0-600-201601402
version/vmware esxi/6.0-600-201601403
version/vmware esxi/6.0-600-201601404
version/vmware esxi/6.0-600-201601405
version/vmware esxi/6.0-600-201602401
version/vmware esxi/6.0-600-201603101
version/vmware esxi/6.0-600-201603102
version/vmware esxi/6.0-600-201603201
version/vmware esxi/6.0-600-201603202
version/vmware esxi/6.0-600-201603203
version/vmware esxi/6.0-600-201603204
version/vmware esxi/6.0-600-201603205
version/vmware esxi/6.0-600-201603206
version/vmware esxi/6.0-600-201603207
version/vmware esxi/6.0-600-201603208
version/vmware esxi/6.0-600-201605401
version/vmware esxi/6.0-600-201608101
version/vmware esxi/6.0-600-201608401
version/vmware esxi/6.0-600-201608402
version/vmware esxi/6.0-600-201608403
version/vmware esxi/6.0-600-201608404
version/vmware esxi/6.0-600-201608405
version/vmware esxi/6.0-600-201610410
version/vmware esxi/6.0-600-201611401
version/vmware esxi/6.0-600-201611402
version/vmware esxi/6.0-600-201611403
version/vmware esxi/6.0-600-201702101
version/vmware esxi/6.0-600-201702102
version/vmware esxi/6.0-600-201702201
version/vmware esxi/6.0-600-201702202
version/vmware esxi/6.0-600-201702203
version/vmware esxi/6.0-600-201702204
version/vmware esxi/6.0-600-201702205
version/vmware esxi/6.0-600-201702206
version/vmware esxi/6.0-600-201702207
version/vmware esxi/6.0-600-201702208
version/vmware esxi/6.0-600-201702209
version/vmware esxi/6.0-600-201702210
version/vmware esxi/6.0-600-201702211
version/vmware esxi/6.0-600-201702212
version/vmware esxi/6.5
version/vmware esxi/6.5-650-201701001
version/vmware esxi/6.5-650-201703001
version/vmware esxi/6.5-650-201703002
canonical/vmware fusion pro
version/vmware fusion pro/8.0.0
vendor/apple
canonical/apple ios and macos