CVE-2017-4903

Description

VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host.

Risk Information

Base Score

8.8

MODERATE

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS Score

Exploitation Probability

0.067

Associated Vulnerability

Vulnerability	OS Platform
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.0.0	Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.0.1	Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.0.2	Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.1.0	Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.1.1	Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.5.0	Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.5.1	Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.5.2	Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.5.3	Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.5.4	Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.5.5	Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-605160	VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160	VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160	VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160	VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160	VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160	VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160	VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160	VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160	VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160	VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160	VMware Fusion for MAC 13.0.2 (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234