A vulnerability in VMware Tools for Windows could allow a local attacker to access sensitive information or cause a denial of service (DoS) condition on a targeted system.
The vulnerability is due to an out of bounds read condition that exists in the vm3dmp driver of the affected software. An attacker with non-administrative access to a targeted Windows guest system with VMware Tools installed could exploit this vulnerability to access sensitive kernel information or cause a DoS condition on the system. A successful exploit could be used to conduct further attacks.
VMware has confirmed the vulnerability and released software updates.
Security Impact Rating: High