vulnerability

VMware Workstation: VMware Workstation memory corruption vulnerabilities via Cortado Thinprint (VMSA-2016-0014) (CVE-2016-7083)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:L/AC:M/Au:N/C:P/I:P/A:C)	Oct 24, 2016	Oct 24, 2016	Mar 30, 2026

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:C)

Published

Oct 24, 2016

Added

Oct 24, 2016

Modified

Mar 30, 2026

Description

VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via TrueType fonts embedded in EMFSPOOL.

Solution

vmware-workstation-upgrade-12_5_0

References

CVE-2016-7083
https://attackerkb.com/topics/CVE-2016-7083
CWE-119
EUVD-EUVD-2016-7963
http://www.vmware.com/security/advisories/VMSA-2016-0014.html
https://euvd.enisa.europa.eu/vulnerability/EUVD-2016-7963

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today