CVE-2014-2384
Severity CVSS v4.0:
Pending analysis
Type:
CWE-399
Resource Management Errors
Publication date:
15/04/2014
Last modified:
12/04/2025
Description
vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports "Vendor rated issue as non-exploitable."
Impact
Base Score 2.0
4.90
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:vmware:player:6.0.1_build_1379776:*:*:*:*:*:*:* | ||
| cpe:2.3:a:vmware:workstation:10.0.1_build_1379776:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://seclists.org/fulldisclosure/2014/Apr/163
- https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/
- http://seclists.org/fulldisclosure/2014/Apr/163
- https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/