CVE-2018-6977

MEDIUM Year: 2018
CVSS v3 Score
6.5
Medium
CVSS v2 Score
4.9
Medium
Weakness Type
CWE-835
View all →

Vulnerability Description

VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive.

Related Vulnerabilities

CVE-2010-1282

MEDIUM
CVSS:6.5(Medium)

Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted ATOM size in a .dir (aka Director) file.

CWE-8352010

CVE-2015-5239

MEDIUM
CVSS:6.5(Medium)

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

CWE-8352015

CVE-2015-5278

MEDIUM
CVSS:6.5(Medium)

The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors re...

CWE-8352015

CVE-2015-5694

MEDIUM
CVSS:6.5(Medium)

Designate does not enforce the DNS protocol limit concerning record set sizes

CWE-8352015

CVE-2015-7850

MEDIUM
CVSS:6.5(Medium)

ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.

CWE-8352015