This script is Copyright (C) 2017 Tenable Network Security, Inc.
A virtualization application installed on the remote Linux host is
affected by a guest-to-host arbitrary code execution vulnerability.
The version of VMware Workstation installed on the remote Linux host
is 12.x prior to 12.5.4. It is, therefore, affected by a guest-to-host
arbitrary code execution vulnerability in the drag-and-drop (DND)
functionality due to an out-of-bounds memory access error. An attacker
within a guest can exploit this issue to execute arbitrary code on the
See also :
Upgrade to VMware Workstation version 12.5.4 or later. Alternatively,
disable both the drag-and-drop function and the copy-and-paste
Risk factor :
High / CVSS Base Score : 7.2
CVSS Temporal Score : 5.6
Public Exploit Available : true