Main
Vulnerability Database
Exploits
ID:6059 - Exploit for Untrusted search path in VMware Workstation - CVE-2017-4915
ID:6059 - Exploit for Untrusted search path in VMware Workstation - CVE-2017-4915
Published: June 17, 2021
Vulnerability identifier: #VU6616
Vulnerability risk: Low
CVE-ID: CVE-2017-4915
CWE-ID: CWE-426
Exploitation vector: Local access
Vulnerable software:
VMware Workstation
VMware Workstation
Link to public exploit:
Vulnerability description
The vulnerability allows a local attacker to gain root privileges on a Linux host machine.
The weakness exists due to untrusted search path. A local attacker who is able to change configuration can load library via ALSA sound driver configuration files, gain elevated privileges and execute arbitrary code on the system.
Successful exploitation of the vulnerability may result in full system compromise.
The weakness exists due to untrusted search path. A local attacker who is able to change configuration can load library via ALSA sound driver configuration files, gain elevated privileges and execute arbitrary code on the system.
Successful exploitation of the vulnerability may result in full system compromise.
Remediation
Update to version 12.5.6.