Unrated severityNVD Advisory· Published Jul 10, 2015· Updated May 6, 2026

CVE-2015-3650

Description

vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 and 11.x before 11.1.1, VMware Player 5.x and 6.x before 6.0.7 and 7.x before 7.1.1, and VMware Horizon Client 5.x local-mode before 5.4.2 on Windows does not provide a valid DACL pointer during the setup of the vprintproxy.exe process, which allows host OS users to gain host OS privileges by injecting a thread.

Affected products

VMware/Player14 versions
cpe:2.3:a:vmware:player:5.0:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:vmware:player:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:6.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*
VMware/Workstation9 versions
cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:10.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*
VMware/Horizon View Client2 versions
cpe:2.3:a:vmware:horizon_view_client:5.4:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:vmware:horizon_view_client:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view_client:5.4.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.vmware.com/security/advisories/VMSA-2015-0005.htmlnvdPatchVendor Advisory
www.securitytracker.com/id/1032822nvd
www.securitytracker.com/id/1032823nvd
www.nettitude.co.uk/vmware-multiple-products-privilege-escalation/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000