Vulnerability Details : CVE-2015-2339
TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2338.
Vulnerability category: Denial of service
Products affected by CVE-2015-2339
- cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_client:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_client:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view_client:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view_client:5.4.1:*:*:*:*:*:*:*
Threat overview for CVE-2015-2339
Top countries where our scanners detected CVE-2015-2339
Top open port discovered on systems with this issue
443
IPs affected by CVE-2015-2339 93
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2015-2339!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2015-2339
0.15%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 50 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-2339
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.1
|
MEDIUM | AV:A/AC:L/Au:N/C:N/I:N/A:C |
6.5
|
6.9
|
NIST |
CWE ids for CVE-2015-2339
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-2339
-
http://www.securitytracker.com/id/1032529
VMware Horizon Client for Windows Bugs Let Local Users Gain Elevated Privileges and Deny Service - SecurityTracker
-
http://www.securityfocus.com/bid/75092
Multiple VMware Products Multiple Denial Of Service Vulnerabilities
-
http://www.vmware.com/security/advisories/VMSA-2015-0004.html
VMSA-2015-0004Patch;Vendor Advisory
-
http://www.securitytracker.com/id/1032530
VMware Workstation/Player/Fusion Bugs Let Local Users Gain Elevated Privileges and Deny Service - SecurityTracker
Jump to