VMSA-2015-0005

VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability

VMware Security Advisory
 
VMware Security Advisory Advisory ID:
  VMSA-2015-0005
VMware Security Advisory Synopsis:
  VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability
VMware Security Advisory Issue date:
  2015-07-09
VMware Security Advisory Updated on:
  2015-07-09 (Initial Advisory)
VMware Security Advisory CVE numbers:
  CVE-2015-3650
1. Summary

VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability.

2. Relevant Releases

VMware Workstation for Windows 11.x prior to version 11.1.1
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2

3. Problem Description

a. VMware Workstation, Player and Horizon View Client for Windows host privilege escalation vulnerability.

VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.

VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.

Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

VMware Product =====
Product Version =====
Running on ======
Replace with/ Apply Patch ==================
VMware Product ===== VMware Workstation
Product Version ===== 11.x
Running on ====== Windows
Replace with/ Apply Patch ================== 11.1.1
VMware Product ===== VMware Workstation
Product Version ===== 10.x
Running on ====== Windows
Replace with/ Apply Patch ================== 10.0.7
VMware Product ===== VMware Player
Product Version ===== 7.x
Running on ====== Windows
Replace with/ Apply Patch ================== 7.1.1
VMware Product ===== VMware Player
Product Version ===== 6.x
Running on ====== Windows
Replace with/ Apply Patch ================== 6.0.7
VMware Product ===== VMware Horizon Client for Windows (with Local Mode Option)
Product Version ===== 5.x
Running on ====== Windows
Replace with/ Apply Patch ================== 5.4.2
VMware Product ===== VMware Horizon Client for Windows
Product Version ===== 3.x
Running on ====== any
Replace with/ Apply Patch ================== not affected
 
4. Solution

Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.

 

VMware Workstation
https://www.vmware.com/go/downloadworkstation

VMware Player
https://www.vmware.com/go/downloadplayer

VMware Horizon Clients
https://www.vmware.com/go/viewclients

 

6. Change log

2015-07-09 VMSA-2015-0005
Initial security advisory.

7. Contact

E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

 

This Security Advisory is posted to the following lists:
 

 security-announce at lists.vmware.com
 bugtraq at securityfocus.com
 fulldisclosure at seclists.org

 

E-mail: security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055

 

VMware Security Advisories
http://www.vmware.com/security/advisories

 

Consolidated list of VMware Security Advisories
http://kb.vmware.com/kb/2078735

 

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

 

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html
 
Twitter
https://twitter.com/VMwareSRC

 

Copyright 2015 VMware Inc.  All rights reserved.

 

 

Sign up for Security Advisories

Enter your email address: