Search for vulnerabilities
Vulnerability details: VCID-m3v7-b6tr-aaaa
Vulnerability ID VCID-m3v7-b6tr-aaaa
Aliases CVE-2011-3868
Summary Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.
Status Published
Exploitability 0.5
Weighted Severity 8.4
Risk 4.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
epss 0.19769 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.19769 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.19769 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.19769 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.19769 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.19769 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.19769 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.19769 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.23063 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.24621 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.27722 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.27722 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.27722 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.27722 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.27722 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.27722 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.27722 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.27722 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.27722 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.27722 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.27722 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.28218 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.28218 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
epss 0.28218 https://api.first.org/data/v1/epss?cve=CVE-2011-3868
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2011-3868
Reference id Reference type URL
http://osvdb.org/76060
https://api.first.org/data/v1/epss?cve=CVE-2011-3868
http://secunia.com/advisories/46241
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://www.securityfocus.com/archive/1/520005/100/0/threaded
http://www.securityfocus.com/bid/49942
http://www.securitytracker.com/id?1026139
http://www.vmware.com/security/advisories/VMSA-2011-0011.html
cpe:2.3:a:vmware:ams:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:ams:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:player:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.1.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:player:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.1.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:player:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:workstation:7.1.4:*:*:*:*:*:*:*
CVE-2011-3868 https://nvd.nist.gov/vuln/detail/CVE-2011-3868
GLSA-201209-25 https://security.gentoo.org/glsa/201209-25
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2011-3868
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.95116
EPSS Score 0.19769
Published At June 7, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.