VYPR
Get started
← All advisories
High severity8.8NVD Advisory· Published Dec 29, 2016· Updated May 6, 2026

CVE-2016-7461

CVE-2016-7461

Description

The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors.

Affected products

26
  • VMware/Fusion7 versions
    cpe:2.3:a:vmware:fusion:8.0.0:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:vmware:fusion:8.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.5.1:*:*:*:*:*:*:*
  • VMware/Fusion Pro7 versions
    cpe:2.3:a:vmware:fusion_pro:8.0.0:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:vmware:fusion_pro:8.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion_pro:8.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion_pro:8.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion_pro:8.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion_pro:8.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion_pro:8.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion_pro:8.5.1:*:*:*:*:*:*:*
  • VMware/Workstation Player6 versions
    cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation_player:12.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation_player:12.5.1:*:*:*:*:*:*:*
  • VMware/Workstation Pro6 versions
    cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation_pro:12.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation_pro:12.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation_pro:12.5.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.