vendor:
Fusion
by:
mu-b
7.2
CVSS
HIGH
Denial of Service
N/A
CWE
Product Name: Fusion
Affected Version From: 2.0.4
Affected Version To: 2.0.5
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Mac OS X
2009
VMware Fusion <= 2.0.5 vmx86 kext local denial of service POC
This exploit is a proof of concept for a local denial of service vulnerability in VMware Fusion versions 2.0.4 and 2.0.5. The exploit is triggered by sending a malicious ioctl request to the /dev/vmmon device. This causes the kernel to panic and the system to crash.
Mitigation:
Upgrade to the latest version of VMware Fusion