Multiple VMware Products CVE-2019-5519 Local Code Execution Vulnerability

Multiple VMware products are prone to a local code-execution vulnerability.

Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions.

Information

Bugtraq ID: 107535
Class: Boundary Condition Error
CVE:
Remote: Yes
Local: No
Published: Mar 21 2019 12:00AM
Updated: Mar 21 2019 12:00AM
Credit: Fluoroacetate
Vulnerable: VMWare Workstation 0

Not Vulnerable:

Exploit

Exploitation of this issue was demonstrated at the Pwn2own contest, but the exploit is not publicly available.

References:

Pwn2Own Vancouver 2019: Day One Results (thezdi.com)
VMware Homepage (VMware)

Source: www.securityfocus.com

Exploit Collector

Search Exploit