nvd-json-data-feeds/CVE-2016/CVE-2016-70xx/CVE-2016-7081.json

{
  "id": "CVE-2016-7081",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2016-12-29T09:59:00.337",
  "lastModified": "2017-07-30T01:29:18.303",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basados en memoria din\u00e1mica en VMware Workstation Pro 12.x en versiones anteriores a 12.5.0 y VMware Workstation Player 12.x en versiones anteriores a 12.5.0 en Windows, cuando la impresi\u00f3n virtual Cortado ThinPrint est\u00e1 habilitada, permiten a usuarios invitados del SO ejecutar c\u00f3digo arbitrario en el SO anfitri\u00f3n a trav\u00e9s de vectores no especificados."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "HIGH",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 1.1,
        "impactScore": 6.0
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "accessVector": "LOCAL",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ABE47D4-506C-4132-829B-19A61ED35F4A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CDB0AC-25B6-4397-9784-386C81C37352"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C48608C8-B7A6-47DD-8C78-44EB2B0D6C0C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1787E49C-19A5-428D-9BEA-5500B3DD60F8"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3E8337D-BC36-4910-A998-309D277D008C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E91FE31-B442-4EE3-A415-D635A5CCA6C2"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C67B92FB-CE89-479D-97DF-237C77BF307B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:vmware:workstation_pro:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F44F5FBF-DD1D-41F8-A1EC-9720DBC89008"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.securityfocus.com/bid/92935",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "http://www.securitytracker.com/id/1036805",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.vmware.com/security/advisories/VMSA-2016-0014.html",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}