VMware Tools for Windows update addresses an out of bounds read vulnerability in vm3dmp driver which is installed with vmtools in Windows guest machines. This issue is present in versions 10.2.x and 10.3.x prior to 10.3.10. A local attacker with non-administrative access to a Windows guest with VMware Tools installed may be able to leak kernel information or create a denial of service attack on the same Windows guest machine.
Published 2019-06-06 19:29:01
Updated 2019-06-13 15:29:00
Source VMware
View at NVD,   CVE.org
Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2019-5522

0.04%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-5522

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
3.6
LOW AV:L/AC:L/Au:N/C:P/I:N/A:P
3.9
4.9
NIST
7.1
HIGH CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1.8
5.2
NIST

CWE ids for CVE-2019-5522

  • The product reads data past the end, or before the beginning, of the intended buffer.
    Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-5522

Products affected by CVE-2019-5522

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!