Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-7079

The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7080.

Published

2016-12-29T09:59:00.273

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

3.9

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-476
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application vmware tools ≤ 10.0.8 Yes
Application vmware tools 10.0.0 Yes
Application vmware tools 10.0.5 Yes
Application vmware tools 10.0.6 Yes
Operating System apple mac_os_x * No
Application vmware tools 9.0.0 Yes
Application vmware tools 9.0.1 Yes
Application vmware tools 9.0.5 Yes
Application vmware tools 9.0.10 Yes
Application vmware tools 9.0.11 Yes
Application vmware tools 9.0.12 Yes
Application vmware tools 9.0.13 Yes
Application vmware tools 9.0.15 Yes
Application vmware tools 9.0.16 Yes
Application vmware tools 9.0.17 Yes
Application vmware tools 9.4.0 Yes
Application vmware tools 9.4.5 Yes
Application vmware tools 9.4.10 Yes
Application vmware tools 9.4.11 Yes
Application vmware tools 9.4.12 Yes
Application vmware tools 9.4.15 Yes
Application vmware tools 9.10.0 Yes
Application vmware tools 9.10.1 Yes
Application vmware tools 9.10.5 Yes
Operating System apple mac_os_x * No
References