Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-7083

VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via TrueType fonts embedded in EMFSPOOL.

Published

2016-12-29T09:59:00.397

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:M/Au:N/C:P/I:P/A:C

  • Access Vector: LOCAL
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: COMPLETE
Exploitability Score

3.4

Impact Score

8.5

Weaknesses
  • Type: Primary
    CWE-119
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application vmware workstation_player 12.0.0 Yes
Application vmware workstation_player 12.0.1 Yes
Application vmware workstation_player 12.1.0 Yes
Application vmware workstation_player 12.1.1 Yes
Application vmware workstation_pro 12.0.0 Yes
Application vmware workstation_pro 12.0.1 Yes
Application vmware workstation_pro 12.1.0 Yes
Application vmware workstation_pro 12.1.1 Yes
Operating System microsoft windows * No
References