Vulnerability Details : CVE-2015-2340
TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors.
Vulnerability category: Denial of service
Products affected by CVE-2015-2340
- cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_client:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_client:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view_client:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view_client:5.4.1:*:*:*:*:*:*:*
Threat overview for CVE-2015-2340
Top countries where our scanners detected CVE-2015-2340
Top open port discovered on systems with this issue
443
IPs affected by CVE-2015-2340 93
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2015-2340!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2015-2340
0.23%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 46 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-2340
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.1
|
MEDIUM | AV:A/AC:L/Au:N/C:N/I:N/A:C |
6.5
|
6.9
|
NIST |
CWE ids for CVE-2015-2340
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-2340
-
http://www.securitytracker.com/id/1032529
VMware Horizon Client for Windows Bugs Let Local Users Gain Elevated Privileges and Deny Service - SecurityTracker
-
http://www.securityfocus.com/bid/75092
Multiple VMware Products Multiple Denial Of Service Vulnerabilities
-
http://www.vmware.com/security/advisories/VMSA-2015-0004.html
VMSA-2015-0004Patch;Vendor Advisory
-
http://www.securitytracker.com/id/1032530
VMware Workstation/Player/Fusion Bugs Let Local Users Gain Elevated Privileges and Deny Service - SecurityTracker
Jump to