CVE-2017-4899

medium VMware
CVSS v3 Base Score
4.7
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.0%
Exploitation probability in 30 days
Top 85% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Confidentiality
None
Integrity
None
Availability
High
Published: June 7, 2017 (3263 days ago)
Last Modified: May 13, 2026
Vendor: VMware
Source: NVD

Description

VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit this issue to crash the VM or trigger an out-of-bound read. Note: This issue can be triggered only when the host has no graphics card or no graphics drivers are installed.

CWE

CWE-125

Affected Products

vmware workstation playervmware workstation pro

References

🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 www.vmware.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com