VMware Workstation 12.1.x < 12.1.1 Shared Folders (HGFS) Guest DLL Hijacking Arbitrary Code Execution (VMSA-2016-0010) (Linux)
High Nessus Plugin ID 92946
SynopsisA virtualization application installed on the remote host is affected by an arbitrary code execution vulnerability.
DescriptionThe version of VMware Workstation installed on the remote host is 12.1.x prior to 12.1.1. It is, therefore, affected by an arbitrary code execution vulnerability in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user.
SolutionUpgrade to VMware Workstation 12.1.1 or later.
Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate the vulnerability.